From 07f470571f6fc2709bdcf62fad0e6c4c1bf4e1b9 Mon Sep 17 00:00:00 2001 From: Apple Date: Tue, 29 Jun 2004 05:23:23 +0000 Subject: [PATCH] network_cmds-201.tar.gz --- Makefile | 2 +- alias/alias.c | 23 +- alias/alias.h | 23 +- alias/alias_cuseeme.c | 23 +- alias/alias_db.c | 23 +- alias/alias_ftp.c | 23 +- alias/alias_irc.c | 23 +- alias/alias_local.h | 23 +- alias/alias_nbt.c | 23 +- alias/alias_pptp.c | 23 +- alias/alias_proxy.c | 23 +- alias/alias_smedia.c | 23 +- alias/alias_util.c | 23 +- bootparams/bootparamd.tproj/Makefile | 2 +- .../bootparamd.tproj/Makefile.postamble | 5 + bootparams/bootparamd.tproj/PB.project | 2 +- bootparams/bootparamd.tproj/bootparam_proc.c | 27 +- bootparams/bootparamd.tproj/bootparamd.8 | 31 + bootparams/bootparamd.tproj/bootparamd.c | 21 +- bootparams/bootparams/bootparam_prot.x | 21 +- bootparams/bpwhoami.tproj/bpwhoami.c | 21 +- domainname.tproj/domainname.1 | 6 +- domainname.tproj/domainname.c | 21 +- ifconfig.tproj/ifconfig.c | 2 +- ifconfig.tproj/ifconfig.h | 2 +- inetd.tproj/Makefile | 50 - inetd.tproj/Makefile.postamble | 110 - inetd.tproj/Makefile.preamble | 113 - inetd.tproj/PB.project | 41 - inetd.tproj/inetd.8 | 381 -- inetd.tproj/inetd.c | 1293 ------ inetd.tproj/pathnames.h | 67 - ip6conf.tproj/ip6tool.c | 21 +- ipfw.tproj/Makefile | 2 +- ipfw.tproj/ipfw.8 | 2189 +++++++-- ipfw.tproj/ipfw.c | 2420 ---------- ipfw.tproj/ipfw2.c | 4034 +++++++++++++++++ kdumpd.tproj/kdump.h | 23 +- kdumpd.tproj/kdumpsubs.h | 21 +- logger.tproj/logger.c | 21 +- makedbm.tproj/_db.h | 21 +- makedbm.tproj/db.c | 21 +- makedbm.tproj/makedbm.c | 21 +- makedbm.tproj/ypdb.c | 21 +- makedbm.tproj/ypdb.h | 21 +- makedbm.tproj/ypdef.h | 21 +- natd.tproj/icmp.c | 23 +- natd.tproj/natd.c | 23 +- natd.tproj/natd.h | 23 +- netstat.tproj/data.c | 21 +- netstat.tproj/main.c | 21 +- netstat.tproj/mbuf.c | 21 +- netstat.tproj/mroute.c | 21 +- netstat.tproj/netstat.h | 21 +- netstat.tproj/route.c | 21 +- netstat.tproj/unix.c | 21 +- nfsd.tproj/nfsd.c | 21 +- nfsiod.tproj/nfsiod.c | 21 +- nfsstat.tproj/nfsstat.c | 21 +- ping.tproj/ping.c | 21 +- racoon.tproj/crypto_openssl.c | 91 +- racoon.tproj/crypto_openssl.h | 2 +- racoon.tproj/grabmyaddr.c | 192 +- racoon.tproj/grabmyaddr.h | 2 + racoon.tproj/isakmp.c | 38 +- racoon.tproj/isakmp_var.h | 1 + racoon.tproj/oakley.c | 2 +- racoon.tproj/pfkey.c | 8 +- racoon.tproj/session.c | 19 +- rarpd.tproj/rarpd.c | 21 +- rcp.tproj/extern.h | 21 +- rcp.tproj/pathnames.h | 21 +- rcp.tproj/rcp.c | 21 +- rcp.tproj/util.c | 21 +- revnetgroup.tproj/hash.c | 21 +- revnetgroup.tproj/hash.h | 21 +- revnetgroup.tproj/parse_netgroup.c | 21 +- revnetgroup.tproj/revnetgroup.c | 21 +- rexecd.tproj/rexecd.c | 21 +- rlogin.tproj/des_rw.c | 21 +- rlogin.tproj/kcmd.c | 21 +- rlogin.tproj/krb.h | 21 +- rlogin.tproj/krcmd.c | 21 +- rlogin.tproj/rlogin.1 | 67 +- rlogin.tproj/rlogin.c | 21 +- rlogind.tproj/pathnames.h | 21 +- rlogind.tproj/rlogind.c | 21 +- route.tproj/keywords.h | 21 +- route.tproj/route.c | 21 +- routed.tproj/af.c | 21 +- routed.tproj/af.h | 21 +- routed.tproj/defs.c | 21 +- routed.tproj/defs.h | 21 +- routed.tproj/if.c | 21 +- routed.tproj/inet.c | 21 +- routed.tproj/input.c | 21 +- routed.tproj/interface.h | 21 +- routed.tproj/main.c | 21 +- routed.tproj/output.c | 21 +- routed.tproj/pathnames.h | 21 +- routed.tproj/startup.c | 21 +- routed.tproj/table.h | 21 +- routed.tproj/tables.c | 21 +- routed.tproj/timer.c | 21 +- routed.tproj/trace.c | 21 +- routed.tproj/trace.h | 21 +- rpc_lockd.tproj/lock_proc.c | 4 +- rpc_lockd.tproj/lockd_lock.c | 90 +- rpc_lockd.tproj/lockd_lock.h | 2 +- rpc_lockd.tproj/nlm_prot_svc.c | 2 +- rpc_statd.tproj/procs.c | 32 +- rpc_yppasswdd.tproj/passwd.c | 21 +- rpc_yppasswdd.tproj/rpc.yppasswdd.c | 21 +- rpc_yppasswdd.tproj/yppasswd.h | 21 +- rpc_yppasswdd.tproj/yppasswdd_mkpw.c | 21 +- rpc_yppasswdd.tproj/yppasswdd_proc.c | 21 +- rpcinfo.tproj/rpcinfo.c | 21 +- rsh.tproj/rsh.1 | 11 +- rshd.tproj/rshd.c | 21 +- ruptime.tproj/ruptime.c | 21 +- rwho.tproj/rwho.c | 21 +- rwhod.tproj/rwhod.c | 21 +- slattach.tproj/slattach.c | 21 +- spray.tproj/spray.c | 21 +- spray.tproj/spray.x | 21 +- stdethers.tproj/stdethers.c | 21 +- stdhosts.tproj/stdhosts.c | 21 +- syslogd.tproj/Makefile.postamble | 2 + syslogd.tproj/syslogd.c | 27 +- talk.tproj/ctl.c | 21 +- talk.tproj/ctl_transact.c | 21 +- talk.tproj/display.c | 21 +- talk.tproj/get_addrs.c | 21 +- talk.tproj/get_names.c | 21 +- talk.tproj/init_disp.c | 21 +- talk.tproj/invite.c | 21 +- talk.tproj/io.c | 21 +- talk.tproj/look_up.c | 21 +- talk.tproj/msgs.c | 21 +- talk.tproj/talk.c | 21 +- talk.tproj/talk.h | 21 +- talk.tproj/talk_ctl.h | 21 +- talkd.tproj/announce.c | 21 +- talkd.tproj/print.c | 21 +- talkd.tproj/process.c | 21 +- talkd.tproj/table.c | 21 +- talkd.tproj/talkd.c | 21 +- talkd.tproj/talkd.h | 21 +- telnet.tproj/krb4-proto.h | 21 +- telnet.tproj/telnet.c | 15 +- telnet.tproj/tn3270.c | 21 +- tftp.tproj/extern.h | 21 +- tftp.tproj/main.c | 21 +- tftp.tproj/tftp.c | 21 +- tftp.tproj/tftpsubs.c | 21 +- tftp.tproj/tftpsubs.h | 21 +- tftpd.tproj/Makefile.postamble | 4 + tftpd.tproj/tftpd.8 | 9 +- timed.tproj/timed.tproj/acksend.c | 21 +- timed.tproj/timed.tproj/byteorder.c | 21 +- timed.tproj/timed.tproj/candidate.c | 21 +- timed.tproj/timed.tproj/cksum.c | 21 +- timed.tproj/timed.tproj/correct.c | 21 +- timed.tproj/timed.tproj/extern.h | 21 +- timed.tproj/timed.tproj/globals.h | 21 +- timed.tproj/timed.tproj/master.c | 21 +- timed.tproj/timed.tproj/measure.c | 21 +- timed.tproj/timed.tproj/networkdelta.c | 21 +- timed.tproj/timed.tproj/pathnames.h | 21 +- timed.tproj/timed.tproj/readmsg.c | 21 +- timed.tproj/timed.tproj/slave.c | 21 +- timed.tproj/timed.tproj/timed.c | 21 +- timed.tproj/timedc.tproj/cmds.c | 21 +- timed.tproj/timedc.tproj/cmdtab.c | 21 +- timed.tproj/timedc.tproj/extern.h | 21 +- timed.tproj/timedc.tproj/timedc.c | 21 +- timed.tproj/timedc.tproj/timedc.h | 21 +- traceroute.tproj/traceroute.c | 21 +- trpt.tproj/trpt.c | 21 +- ypbind.tproj/Makefile.preamble | 2 +- ypbind.tproj/yp.x | 21 +- ypbind.tproj/ypbind.c | 21 +- ypcat.tproj/ypcat.c | 21 +- ypinit.tproj/Makefile | 4 +- ypmatch.tproj/ypmatch.c | 21 +- yppoll.tproj/yppoll.c | 21 +- yppush.tproj/ypdb.c | 21 +- yppush.tproj/ypdb.h | 21 +- yppush.tproj/ypdef.h | 21 +- yppush.tproj/yplib_host.c | 21 +- yppush.tproj/yplib_host.h | 21 +- yppush.tproj/yppush.c | 21 +- yppush.tproj/yppush.h | 21 +- yppush.tproj/yppush_err.c | 21 +- yppush.tproj/yppush_proc.c | 21 +- yppush.tproj/yppush_svc.c | 21 +- yppush.tproj/yppush_xdr.c | 21 +- ypserv.tproj/acl.c | 21 +- ypserv.tproj/acl.h | 21 +- ypserv.tproj/yp.h | 21 +- ypserv.tproj/ypdb.c | 21 +- ypserv.tproj/ypdb.h | 21 +- ypserv.tproj/ypdef.h | 21 +- ypserv.tproj/yplog.c | 21 +- ypserv.tproj/yplog.h | 21 +- ypserv.tproj/ypserv.c | 21 +- ypserv.tproj/ypserv_db.c | 21 +- ypserv.tproj/ypserv_proc.c | 21 +- ypserv.tproj/ypserv_xdr.c | 21 +- ypserv.tproj/ypserv_xdr_v1.c | 21 +- ypserv.tproj/ypv1.h | 21 +- ypset.tproj/ypset.c | 21 +- ypwhich.tproj/ypwhich.c | 21 +- ypxfr.tproj/ypdb.c | 21 +- ypxfr.tproj/ypdb.h | 21 +- ypxfr.tproj/ypdef.h | 21 +- ypxfr.tproj/yplib_host.c | 21 +- ypxfr.tproj/yplib_host.h | 21 +- ypxfr.tproj/yplog.c | 21 +- ypxfr.tproj/yplog.h | 21 +- ypxfr.tproj/ypxfr.c | 21 +- ypxfr.tproj/ypxfr_xdr.c | 21 +- 222 files changed, 8024 insertions(+), 7172 deletions(-) create mode 100644 bootparams/bootparamd.tproj/bootparamd.8 delete mode 100644 inetd.tproj/Makefile delete mode 100644 inetd.tproj/Makefile.postamble delete mode 100644 inetd.tproj/Makefile.preamble delete mode 100644 inetd.tproj/PB.project delete mode 100644 inetd.tproj/inetd.8 delete mode 100644 inetd.tproj/inetd.c delete mode 100644 inetd.tproj/pathnames.h delete mode 100644 ipfw.tproj/ipfw.c create mode 100644 ipfw.tproj/ipfw2.c diff --git a/Makefile b/Makefile index 9c7b2da..9bfbff8 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ SUBPROJECTS = timed.tproj bootparams TOOLS = arp.tproj domainname.tproj \ rpc_lockd.tproj rpc_statd.tproj \ - ifconfig.tproj inetd.tproj logger.tproj netstat.tproj\ + ifconfig.tproj logger.tproj netstat.tproj\ nfsd.tproj nfsiod.tproj nfsstat.tproj ping.tproj rarpd.tproj\ rcp.tproj rexecd.tproj rlogin.tproj rlogind.tproj\ route.tproj routed.tproj rpcinfo.tproj rsh.tproj rshd.tproj\ diff --git a/alias/alias.c b/alias/alias.c index 561245a..1d3cd05 100644 --- a/alias/alias.c +++ b/alias/alias.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias.h b/alias/alias.h index a84dd6c..f6df7fc 100644 --- a/alias/alias.h +++ b/alias/alias.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_cuseeme.c b/alias/alias_cuseeme.c index a19be96..fcf0d0d 100644 --- a/alias/alias_cuseeme.c +++ b/alias/alias_cuseeme.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_db.c b/alias/alias_db.c index 5110bb1..8c8c708 100644 --- a/alias/alias_db.c +++ b/alias/alias_db.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_ftp.c b/alias/alias_ftp.c index 7985a95..db53902 100644 --- a/alias/alias_ftp.c +++ b/alias/alias_ftp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_irc.c b/alias/alias_irc.c index e33ad75..090b430 100644 --- a/alias/alias_irc.c +++ b/alias/alias_irc.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_local.h b/alias/alias_local.h index 8aeb983..2ff5b64 100644 --- a/alias/alias_local.h +++ b/alias/alias_local.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_nbt.c b/alias/alias_nbt.c index f0b8048..2afc21d 100644 --- a/alias/alias_nbt.c +++ b/alias/alias_nbt.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_pptp.c b/alias/alias_pptp.c index 03e1a22..3e76de4 100644 --- a/alias/alias_pptp.c +++ b/alias/alias_pptp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_proxy.c b/alias/alias_proxy.c index 67299c0..70827b1 100644 --- a/alias/alias_proxy.c +++ b/alias/alias_proxy.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_smedia.c b/alias/alias_smedia.c index 8937903..933c1b2 100644 --- a/alias/alias_smedia.c +++ b/alias/alias_smedia.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/alias/alias_util.c b/alias/alias_util.c index 28ea257..ef1cf42 100644 --- a/alias/alias_util.c +++ b/alias/alias_util.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bootparamd.tproj/Makefile b/bootparams/bootparamd.tproj/Makefile index ae0309c..eab646b 100644 --- a/bootparams/bootparamd.tproj/Makefile +++ b/bootparams/bootparamd.tproj/Makefile @@ -14,7 +14,7 @@ PROJECT_TYPE = Tool CFILES = bootparamd.c bootparam_proc.c -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble +OTHERSRCS = Makefile.preamble Makefile Makefile.postamble bootparamd.8 MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles diff --git a/bootparams/bootparamd.tproj/Makefile.postamble b/bootparams/bootparamd.tproj/Makefile.postamble index 411cde6..97757d6 100644 --- a/bootparams/bootparamd.tproj/Makefile.postamble +++ b/bootparams/bootparamd.tproj/Makefile.postamble @@ -98,3 +98,8 @@ # owned by the top-level Makefile API and no context has been set up for where # derived files should go. # + +after_install: + install -d $(DSTROOT)/usr/share/man/man8 + install -c -m 444 bootparamd.8 $(DSTROOT)/usr/share/man/man8 + diff --git a/bootparams/bootparamd.tproj/PB.project b/bootparams/bootparamd.tproj/PB.project index 89f2397..542b6d5 100644 --- a/bootparams/bootparamd.tproj/PB.project +++ b/bootparams/bootparamd.tproj/PB.project @@ -4,7 +4,7 @@ FRAMEWORKS = (); H_FILES = (); OTHER_LINKED = (bootparamd.c, bootparam_proc.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble); + OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, bootparamd.8); SUBPROJECTS = (); }; LANGUAGE = English; diff --git a/bootparams/bootparamd.tproj/bootparam_proc.c b/bootparams/bootparamd.tproj/bootparam_proc.c index faa0ff3..ddb6f19 100644 --- a/bootparams/bootparamd.tproj/bootparam_proc.c +++ b/bootparams/bootparamd.tproj/bootparam_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -153,7 +154,7 @@ struct svc_req *req; sprintf(s, bp->bp_bootparams[i] + len); p = strchr(s, ':'); - if (p == NULL) + if ((p == NULL) || (p == s)) { hostname[0] = '\0'; res.server_name = hostname; @@ -162,7 +163,9 @@ struct svc_req *req; res.server_address.bp_address_u.ip_addr.lh = 0; res.server_address.bp_address_u.ip_addr.impno = 0; res.server_address.address_type = 1; - res.server_path = s; + + if (p == NULL) res.server_path = s; + else res.server_path = s + 1; if (debug) { diff --git a/bootparams/bootparamd.tproj/bootparamd.8 b/bootparams/bootparamd.tproj/bootparamd.8 new file mode 100644 index 0000000..ff28b4f --- /dev/null +++ b/bootparams/bootparamd.tproj/bootparamd.8 @@ -0,0 +1,31 @@ +.Dd Oct 27, 20023 +.Dt bootparamd 8 +.Os Mac OS X +.Sh NAME +.Nm bootparamd +.Nd boot parameter server +.Sh SYNOPSIS +.Nm +.Op Fl d +.Op Fl r Ar router +.Sh DESCRIPTION +.Nm +provides configuration parameters for clients using the bootparams RPC protocol. +The server is not started by default on Mac OS X systems, nor is it used by +Mac OS X clients. +.Pp +When invoked with the +.Fl d +option, +.Nm +runs in debug mode. +It remains attached to the controlling terminal and prints a log of its activity. +.Pp +The +.Fl r Ar router +option may be used to set the router returned in WHOAMI replies. +The +.Ar router +argument may be a name or a dotted-quad IP address. +.Sh SEE ALSO +bootparams(5), lookupd(8) diff --git a/bootparams/bootparamd.tproj/bootparamd.c b/bootparams/bootparamd.tproj/bootparamd.c index e76bd42..c8da199 100644 --- a/bootparams/bootparamd.tproj/bootparamd.c +++ b/bootparams/bootparamd.tproj/bootparamd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bootparams/bootparam_prot.x b/bootparams/bootparams/bootparam_prot.x index 0339a81..e28c544 100644 --- a/bootparams/bootparams/bootparam_prot.x +++ b/bootparams/bootparams/bootparam_prot.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/bootparams/bpwhoami.tproj/bpwhoami.c b/bootparams/bpwhoami.tproj/bpwhoami.c index 68a4c6d..bf43da3 100644 --- a/bootparams/bpwhoami.tproj/bpwhoami.c +++ b/bootparams/bpwhoami.tproj/bpwhoami.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/domainname.tproj/domainname.1 b/domainname.tproj/domainname.1 index ddaf675..b89e57e 100644 --- a/domainname.tproj/domainname.1 +++ b/domainname.tproj/domainname.1 @@ -30,20 +30,20 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)domainname.1 6.8 (Berkeley) 7/27/91 -.\" $Id: domainname.1,v 1.2 2003/07/15 23:03:46 melville Exp $ +.\" $Id: domainname.1,v 1.3 2003/12/03 21:22:17 rbraun Exp $ .\" .Dd July 27, 1991 .Dt DOMAINNAME 1 .Os BSD 4.2 .Sh NAME .Nm domainname -.Nd set or print the name of the current domain +.Nd set or print the name of the current NIS domain .Sh SYNOPSIS .Nm domainname .Op Ar name-of-domain .Sh DESCRIPTION .Nm Domainname -prints the domain name of the current host. +prints the NIS domain name of the current host. The super-user can set the domain name by supplying an argument. .Sh SEE ALSO .Xr hostname 1 , diff --git a/domainname.tproj/domainname.c b/domainname.tproj/domainname.c index a229731..57eb463 100644 --- a/domainname.tproj/domainname.c +++ b/domainname.tproj/domainname.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ifconfig.tproj/ifconfig.c b/ifconfig.tproj/ifconfig.c index 8d71e86..0cc0fb2 100644 --- a/ifconfig.tproj/ifconfig.c +++ b/ifconfig.tproj/ifconfig.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)ifconfig.c 8.2 (Berkeley) 2/16/94"; #endif static const char rcsid[] = - "$Id: ifconfig.c,v 1.5.28.1 2004/04/14 00:27:17 lindak Exp $"; + "$Id: ifconfig.c,v 1.6 2003/12/16 23:16:58 lindak Exp $"; #endif /* not lint */ #include diff --git a/ifconfig.tproj/ifconfig.h b/ifconfig.tproj/ifconfig.h index cc6a5ea..3688c9f 100644 --- a/ifconfig.tproj/ifconfig.h +++ b/ifconfig.tproj/ifconfig.h @@ -31,7 +31,7 @@ * * so there! * - * $Id: ifconfig.h,v 1.1.1.1.140.1 2004/04/14 00:27:17 lindak Exp $ + * $Id: ifconfig.h,v 1.2 2003/12/16 23:16:58 lindak Exp $ */ extern struct ifreq ifr; diff --git a/inetd.tproj/Makefile b/inetd.tproj/Makefile deleted file mode 100644 index bd27a46..0000000 --- a/inetd.tproj/Makefile +++ /dev/null @@ -1,50 +0,0 @@ -# -# Generated by the NeXT Project Builder. -# -# NOTE: Do NOT change this file -- Project Builder maintains it. -# -# Put all of your customizations in files called Makefile.preamble -# and Makefile.postamble (both optional), and Makefile will include them. -# - -NAME = inetd - -PROJECTVERSION = 2.8 -PROJECT_TYPE = Tool - -HFILES = pathnames.h - -CFILES = inetd.c - -OTHERSRCS = Makefile.preamble Makefile Makefile.postamble inetd.8 - - -MAKEFILEDIR = $(MAKEFILEPATH)/pb_makefiles -CODE_GEN_STYLE = DYNAMIC -MAKEFILE = tool.make -NEXTSTEP_INSTALLDIR = /usr/sbin -WINDOWS_INSTALLDIR = /usr/sbin -PDO_UNIX_INSTALLDIR = /usr/sbin -LIBS = -DEBUG_LIBS = $(LIBS) -PROF_LIBS = $(LIBS) - - - - -NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc -WINDOWS_OBJCPLUS_COMPILER = $(DEVDIR)/gcc -PDO_UNIX_OBJCPLUS_COMPILER = $(NEXTDEV_BIN)/gcc -NEXTSTEP_JAVA_COMPILER = /usr/bin/javac -WINDOWS_JAVA_COMPILER = $(JDKBINDIR)/javac.exe -PDO_UNIX_JAVA_COMPILER = $(NEXTDEV_BIN)/javac - -include $(MAKEFILEDIR)/platform.make - --include Makefile.preamble - -include $(MAKEFILEDIR)/$(MAKEFILE) - --include Makefile.postamble - --include Makefile.dependencies diff --git a/inetd.tproj/Makefile.postamble b/inetd.tproj/Makefile.postamble deleted file mode 100644 index f5c79e2..0000000 --- a/inetd.tproj/Makefile.postamble +++ /dev/null @@ -1,110 +0,0 @@ -############################################################################### -# NeXT Makefile.postamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. Additional -# rules (e.g., after_install) that are defined by the developer should be -# defined in this file. -# -############################################################################### -# -# Here are the variables exported by the common "app" makefiles that can be -# used in any customizations you make to the template below: -# -# PRODUCT_ROOT - Name of top-level app-wrapper (e.g., Webster.app) -# OFILE_DIR - Directory into which .o object files are generated. -# (Note that this name is calculated based on the target -# architectures specified in Project Builder). -# DERIVED_SRC_DIR - Directory used for all other derived files -# ALL_CFLAGS - All the flags passed to the cc(1) driver for compilations -# -# NAME - name of application, bundle, subproject, palette, etc. -# LANGUAGE - langage in which the project is written (default "English") -# ENGLISH - boolean flag set iff $(LANGUAGE) = "English" -# JAPANESE - boolean flag set iff $(LANGUAGE) = "Japanese" -# LOCAL_RESOURCES - localized resources (e.g. nib's, images) of project -# GLOBAL_RESOURCES - non-localized resources of project -# PROJECTVERSION - version of ProjectBuilder that output Makefile -# APPICON - application icon file -# DOCICONS - dock icon files -# ICONSECTIONS - Specifies icon sections when linking executable -# -# CLASSES - Class implementation files in project. -# HFILES - Header files in project. -# MFILES - Other Objective-C source files in project. -# CFILES - Other C source files in project. -# PSWFILES - .psw files in the project -# PSWMFILES - .pswm files in the project -# SUBPROJECTS - Subprojects of this project -# BUNDLES - Bundle subprojects of this project -# OTHERSRCS - Other miscellaneous sources of this project -# OTHERLINKED - Source files not matching a standard source extention -# -# LIBS - Libraries to link with when making app target -# DEBUG_LIBS - Libraries to link with when making debug target -# PROF_LIBS - Libraries to link with when making profile target -# OTHERLINKEDOFILES - Other relocatable files to (always) link in. -# -# APP_MAKEFILE_DIR - Directory in which to find generic set of Makefiles -# MAKEFILEDIR - Directory in which to find $(MAKEFILE) -# MAKEFILE - Top level mechanism Makefile (e.g., app.make, bundle.make) -# INSTALLDIR - Directory app will be installed into by 'install' target - - -# Change defaults assumed by the standard app makefiles here. Edit the -# following default values as appropriate. (Note that if no Makefile.postamble -# exists, these values will have defaults set in common.make). - -# Add Makefile.preamble, Makefile.postamble, and Makefile.dependencies here if -# you would like changes to them to invalidate previous builds. The project -# depends on $(MAKEFILES) so that changes to Makefiles will trigger a re-build. -#MAKEFILES = Makefile - -# Optimization flag passed to compiler: -#OPTIMIZATION_CFLAG = -O - -# Flags always passed to compiler: -#COMMON_CFLAGS = $(PROJECT_SPECIFIC_CFLAGS) -g -Wall - -# Flags passed to compiler in normal 'app' compiles: -#NORMAL_CFLAGS = $(COMMON_CFLAGS) $(OPTIMIZATION_CFLAG) - -# Flags passed to compiler in 'debug' compiles: -#DEBUG_CFLAGS = $(COMMON_CFLAGS) -DDEBUG - -# Flags passed to compiler in 'profile' compiles -#PROFILE_CFLAGS = $(COMMON_CFLAGS) -pg $(OPTIMIZATION_CFLAG) -DPROFILE - -# Flags passed to yacc -#YFLAGS = -d - -# Ownership and permissions of files installed by 'install' target -#INSTALL_AS_USER = root # User to chown app to -#INSTALL_AS_GROUP = wheel # Group to chgrp app to -#INSTALL_PERMISSIONS = # If set, 'install' chmod's executable to this - -# Options to strip for bundles, apps with bundles, and apps without bundles, -# respectively. -#RELOCATABLE_STRIP_OPTS = -x -u -#DYLD_APP_STRIP_OPTS = -A -n -#APP_STRIP_OPTS = -#TOOL_STRIP_OPTS = -#LIBRARY_STRIP_OPTS = -x -S # Note: -S strips debugging symbols -# (Note: APP_STRIP_OPTS and TOOL_STRIP_OPTS default to empty, but -# developers doing their own dynamic loading should set this to -# $(DYLD_APP_STRIP_OPTS)). -STRIPFLAGS = - - -######################################################################### -# Put rules to extend the behavior of the standard Makefiles here. Typical -# user-defined rules are before_install and after_install (please don't -# redefine things like install or app, as they are owned by the top-level -# Makefile API), which are rules that get invoked before and after the install -# target runs. Such rules should be specified with the '::' syntax rather than -# a single colon. diff --git a/inetd.tproj/Makefile.preamble b/inetd.tproj/Makefile.preamble deleted file mode 100644 index 2c9003c..0000000 --- a/inetd.tproj/Makefile.preamble +++ /dev/null @@ -1,113 +0,0 @@ -############################################################################### -# NeXT Makefile.preamble Template -# Copyright 1993, NeXT Computer, Inc. -# -# This Makefile is used for configuring the standard app makefiles associated -# with ProjectBuilder. -# -# Use this template to set attributes for a project, sub-project, bundle, or -# palette. Each node in the project's tree of sub-projects and bundles -# should have it's own Makefile.preamble and Makefile.postamble. -# -############################################################################### -## Configure the flags passed to $(CC) here. These flags will also be -## inherited by all nested sub-projects and bundles. Put your -I, -D, -U, and -## -L flags here. To change the default flags that get passed to ${CC} -## (e.g. change -O to -O2), see Makefile.postamble. - -# Flags passed to compiler (in addition to -g, -O, etc) -OTHER_CFLAGS = -# Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = - -BUNDLELDFLAGS = # use iff project is a bundle -PALETTELDFLAGS = # use iff project is a palette - -## Specify which headers in this project should be published to the outside -## world in a flat header directory given in PUBLIC_HEADER_DIR (which will be -## prepended by DSTROOT, below. Any subset of these public headers can be -## precompiled automatically after installation, with extra user-defined flags. -PUBLIC_HEADER_DIR = -PUBLIC_HEADERS = -PUBLIC_PRECOMPILED_HEADERS = -PUBLIC_PRECOMPILED_HEADERS_CFLAGS = - -## Configure what is linked in at each level here. Libraries are only used in -## the final 'app' linking step. Final 'app' linking is only done via the -## 'app', 'debug', and 'profile' targets when they are invoked for -## the top-level app. - -# Additional relocatables to be linked in at this level -OTHER_OFILES = -# Additional libs to link apps against ('app' target) -#OTHER_LIBS = -# Additional libs to link apps against ('debug' target) -OTHER_DEBUG_LIBS = -# Additional libs to link apps against ('profile' target) -OTHER_PROF_LIBS = - -# More 'app' libraries when $(JAPANESE) = "YES" -OTHER_JAPANESE_LIBS = -# More 'debug' libraries when $(JAPANESE) = "YES" -OTHER_JAPANESE_DEBUG_LIBS = -# More 'profile' libs when $(JAPANESE) = "YES" -OTHER_JAPANESE_PROF_LIBS = - -# If this is a bundle, and you *know* the enclosing application will not -# be linking with a library which you require in your bundle code, then -# mention it here so that it gets linked into the bundle. Note that this -# is wasteful but sometimes necessary. -BUNDLE_LIBS = - -## Configure how things get built here. Additional dependencies, sourcefiles, -## derived files, and build order should be specified here. - -# Other dependencies of this project -OTHER_PRODUCT_DEPENDS = -# Built *before* building subprojects/bundles -OTHER_INITIAL_TARGETS = -# Other source files maintained by .pre/postamble -OTHER_SOURCEFILES = -# Additional files to be removed by `make clean' -OTHER_GARBAGE = -# Precompiled headers to be built before any compilation occurs (e.g., draw.p) -PRECOMPS = - -# Targets to be built before installation -OTHER_INSTALL_DEPENDS = - -# A virtual root directory (other than /) to be prepended to the $(INSTALLDIR) -# passed from ProjectBuilder. -DSTROOT = - -# Set the following to "YES" if you want the old behavior of recursively -# cleaning all nested subprojects during 'make clean'. -CLEAN_ALL_SUBPROJECTS = - -## Add more obscure source files here to cause them to be automatically -## processed by the appropriate tool. Note that these files should also be -## added to "Supporting Files" in ProjectBuilder. The desired .o files that -## result from these files should also be added to OTHER_OFILES above so they -## will be linked in. - -# .msg files that should have msgwrap run on them -MSGFILES = -# .defs files that should have mig run on them -DEFSFILES = -# .mig files (no .defs files) that should have mig run on them -MIGFILES = - -## Add additional Help directories here (add them to the project as "Other -## Resources" in Project Builder) so that they will be compressed into .store -## files and copied into the app wrapper. If the help directories themselves -## need to also be in the app wrapper, then a cp command will need to be added -## in an after_install target. -OTHER_HELP_DIRS = - -# Don't add more rules here unless you want the first one to be the default -# target for make! Put all your targets in Makefile.postamble. - -# To include a version string, project source must exist in a directory named -# $(NAME).%d[.%d][.%d] and the following line must be uncommented. -OTHER_GENERATED_OFILES = $(VERS_OFILE) --include ../Makefile.include diff --git a/inetd.tproj/PB.project b/inetd.tproj/PB.project deleted file mode 100644 index 2eafcda..0000000 --- a/inetd.tproj/PB.project +++ /dev/null @@ -1,41 +0,0 @@ -{ - DOCICONFILES = (); - FILESTABLE = { - C_FILES = (); - H_FILES = (pathnames.h); - OTHER_LIBS = (); - OTHER_LINKED = (inetd.c); - OTHER_SOURCES = (Makefile.preamble, Makefile, Makefile.postamble, inetd.8); - PRECOMPILED_HEADERS = (); - PROJECT_HEADERS = (); - PUBLIC_HEADERS = (); - SUBPROJECTS = (); - }; - GENERATEMAIN = YES; - LANGUAGE = English; - LOCALIZABLE_FILES = {}; - NEXTSTEP_BUILDDIR = ""; - NEXTSTEP_BUILDTOOL = /bin/make; - NEXTSTEP_COMPILEROPTIONS = ""; - NEXTSTEP_INSTALLDIR = /usr/sbin; - NEXTSTEP_JAVA_COMPILER = /usr/bin/javac; - NEXTSTEP_LINKEROPTIONS = ""; - NEXTSTEP_OBJCPLUS_COMPILER = /usr/bin/cc; - PDO_UNIX_BUILDDIR = ""; - PDO_UNIX_BUILDTOOL = /bin/make; - PDO_UNIX_COMPILEROPTIONS = ""; - PDO_UNIX_INSTALLDIR = /usr/sbin; - PDO_UNIX_JAVA_COMPILER = "$(NEXTDEV_BIN)/javac"; - PDO_UNIX_LINKEROPTIONS = ""; - PDO_UNIX_OBJCPLUS_COMPILER = "$(NEXTDEV_BIN)/gcc"; - PROJECTNAME = inetd; - PROJECTTYPE = Tool; - PROJECTVERSION = 2.8; - WINDOWS_BUILDDIR = ""; - WINDOWS_BUILDTOOL = /bin/make; - WINDOWS_COMPILEROPTIONS = ""; - WINDOWS_INSTALLDIR = /usr/sbin; - WINDOWS_JAVA_COMPILER = "$(JDKBINDIR)/javac.exe"; - WINDOWS_LINKEROPTIONS = ""; - WINDOWS_OBJCPLUS_COMPILER = "$(DEVDIR)/gcc"; -} diff --git a/inetd.tproj/inetd.8 b/inetd.tproj/inetd.8 deleted file mode 100644 index cc11efe..0000000 --- a/inetd.tproj/inetd.8 +++ /dev/null @@ -1,381 +0,0 @@ -.\" Copyright (c) 1985, 1991, 1993, 1994 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)inetd.8 8.4 (Berkeley) 6/1/94 -.\" -.Dd June 1, 1994 -.Dt INETD 8 -.Os BSD 4.4 -.Sh NAME -.Nm inetd -.Nd internet -.Dq super-server -.Sh SYNOPSIS -.Nm inetd -.Op Fl d -.Op Fl R Ar rate -.Op Ar configuration file -.Sh DESCRIPTION -The -.Nm inetd -program -should be run at boot time by -.Pa /etc/rc -(see -.Xr rc 8 ) . -It then listens for connections on certain -internet sockets. When a connection is found on one -of its sockets, it decides what service the socket -corresponds to, and invokes a program to service the request. -The server program is invoked with the service socket -as its standard input, output and error descriptors. -After the program is -finished, -.Nm inetd -continues to listen on the socket (except in some cases which -will be described below). Essentially, -.Nm inetd -allows running one daemon to invoke several others, -reducing load on the system. -.Pp -The options available for -.Nm inetd: -.Bl -tag -width Ds -.It Fl d -Turns on debugging. -.It Fl R Ar rate -Specifies the maximum number of times a service can be invoked -in one minute; the default is 1000. -.El -.Pp -Upon execution, -.Nm inetd -reads its configuration information from a configuration -file which, by default, is -.Pa /etc/inetd.conf . -There must be an entry for each field of the configuration -file, with entries for each field separated by a tab or -a space. Comments are denoted by a ``#'' at the beginning -of a line. There must be an entry for each field. The -fields of the configuration file are as follows: -.Pp -.Bd -unfilled -offset indent -compact -service name -socket type -protocol -wait/nowait -user -server program -server program arguments -.Ed -.Pp -There are two types of services that -.Nm inetd -can start: standard and TCPMUX. -A standard service has a well-known port assigned to it; -it may be a service that implements an official Internet standard or is a -BSD-specific service. -As described in -.Tn RFC 1078 , -TCPMUX services are nonstandard services that do not have a -well-known port assigned to them. -They are invoked from -.Nm inetd -when a program connects to the -.Dq tcpmux -well-known port and specifies -the service name. -This feature is useful for adding locally-developed servers. -.Pp -The -.Em service-name -entry is the name of a valid service in -the file -.Pa /etc/services . -For -.Dq internal -services (discussed below), the service -name -.Em must -be the official name of the service (that is, the first entry in -.Pa /etc/services ) . -For TCPMUX services, the value of the -.Em service-name -field consists of the string -.Dq tcpmux -followed by a slash and the -locally-chosen service name. -The service names listed in -.Pa /etc/services -and the name -.Dq help -are reserved. -Try to choose unique names for your TCPMUX services by prefixing them with -your organization's name and suffixing them with a version number. -.Pp -The -.Em socket-type -should be one of -.Dq stream , -.Dq dgram , -.Dq raw , -.Dq rdm , -or -.Dq seqpacket , -depending on whether the socket is a stream, datagram, raw, -reliably delivered message, or sequenced packet socket. -TCPMUX services must use -.Dq stream . -.Pp -The -.Em protocol -must be a valid protocol as given in -.Pa /etc/protocols . -Examples might be -.Dq tcp -or -.Dq udp . -TCPMUX services must use -.Dq tcp . -.Pp -The -.Em wait/nowait -entry specifies whether the server that is invoked by inetd will take over -the socket associated with the service access point, and thus whether -.Nm inetd -should wait for the server to exit before listening for new service -requests. -Datagram servers must use -.Dq wait , -as they are always invoked with the original datagram socket bound -to the specified service address. -These servers must read at least one datagram from the socket -before exiting. -If a datagram server connects -to its peer, freeing the socket so -.Nm inetd -can received further messages on the socket, it is said to be -a -.Dq multi-threaded -server; -it should read one datagram from the socket and create a new socket -connected to the peer. -It should fork, and the parent should then exit -to allow -.Nm inetd -to check for new service requests to spawn new servers. -Datagram servers which process all incoming datagrams -on a socket and eventually time out are said to be -.Dq single-threaded . -.Xr Comsat 8 , -.Pq Xr biff 1 -and -.Xr talkd 8 -are both examples of the latter type of -datagram server. -.Xr Tftpd 8 -is an example of a multi-threaded datagram server. -.Pp -Servers using stream sockets generally are multi-threaded and -use the -.Dq nowait -entry. -Connection requests for these services are accepted by -.Nm inetd , -and the server is given only the newly-accepted socket connected -to a client of the service. -Most stream-based services operate in this manner. -Stream-based servers that use -.Dq wait -are started with the listening service socket, and must accept -at least one connection request before exiting. -Such a server would normally accept and process incoming connection -requests until a timeout. -TCPMUX services must use -.Dq nowait . -.Pp -The -.Em user -entry should contain the user name of the user as whom the server -should run. This allows for servers to be given less permission -than root. -.Pp -The -.Em server-program -entry should contain the pathname of the program which is to be -executed by -.Nm inetd -when a request is found on its socket. If -.Nm inetd -provides this service internally, this entry should -be -.Dq internal . -.Pp -The -.Em server program arguments -should be just as arguments -normally are, starting with argv[0], which is the name of -the program. If the service is provided internally, the -word -.Dq internal -should take the place of this entry. -.Pp -The -.Nm inetd -program -provides several -.Dq trivial -services internally by use of -routines within itself. These services are -.Dq echo , -.Dq discard , -.Dq chargen -(character generator), -.Dq daytime -(human readable time), and -.Dq time -(machine readable time, -in the form of the number of seconds since midnight, January -1, 1900). All of these services are tcp based. For -details of these services, consult the appropriate -.Tn RFC -from the Network Information Center. -.Pp -The -.Nm inetd -program -rereads its configuration file when it receives a hangup signal, -.Dv SIGHUP . -Services may be added, deleted or modified when the configuration file -is reread. -Except when started in debugging mode, -.Nm -records its process ID in the file -.Pa /var/run/inetd.pid -to assist in reconfiguration. -.Sh TCPMUX -.Pp -.Tn RFC 1078 -describes the TCPMUX protocol: -``A TCP client connects to a foreign host on TCP port 1. It sends the -service name followed by a carriage-return line-feed . The -service name is never case sensitive. The server replies with a -single character indicating positive (+) or negative (\-) -acknowledgment, immediately followed by an optional message of -explanation, terminated with a . If the reply was positive, -the selected protocol begins; otherwise the connection is closed.'' -The program is passed the TCP connection as file descriptors 0 and 1. -.Pp -If the TCPMUX service name begins with a ``+'', -.Nm inetd -returns the positive reply for the program. -This allows you to invoke programs that use stdin/stdout -without putting any special server code in them. -.Pp -The special service name -.Dq help -causes -.Nm inetd -to list TCPMUX services in -.Pa inetd.conf . -.ne 1i -.Sh "EXAMPLES" -.Pp -Here are several example service entries for the various types of services: -.Bd -literal -ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l -ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd -tcpmux/+date stream tcp nowait guest /bin/date date -tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook -.Ed -.Sh "ERROR MESSAGES" -The -.Nm inetd -server -logs error messages using -.Xr syslog 3 . -Important error messages and their explanations are: -.Bd -literal -\fIservice\fP/\fIprotocol\fP server failing (looping), service terminated. -.Ed -The number of requests for the specified service in the past minute -exceeded the limit. The limit exists to prevent a broken program -or a malicious user from swamping the system. -This message may occur for several reasons: -1) there are lots of hosts requesting the service within a short time period, -2) a 'broken' client program is requesting the service too frequently, -3) a malicious user is running a program to invoke the service in -a 'denial of service' attack, or -4) the invoked service program has an error that causes clients -to retry quickly. -Use the -.Op Fl R -option, -as described above, to change the rate limit. -Once the limit is reached, the service will be -reenabled automatically in 10 minutes. -.sp -.Bd -literal -\fIservice\fP/\fIprotocol\fP: No such user '\fIuser\fP', service ignored -\fIservice\fP/\fIprotocol\fP: getpwnam: \fIuser\fP: No such user -.Ed -No entry for -.Em user -exists in the -.Pa passwd -file. The first message -occurs when -.Nm inetd -(re)reads the configuration file. The second message occurs when the -service is invoked. -.sp -.Bd -literal -\fIservice\fP: can't set uid \fInumber\fP -\fIservice\fP: can't set gid \fInumber\fP -.Ed -The user or group ID for the entry's -.Em user -is invalid. -.Sh SEE ALSO -.Xr comsat 8 , -.Xr fingerd 8 , -.Xr ftpd 8 , -.Xr rexecd 8 , -.Xr rlogind 8 , -.Xr rshd 8 , -.Xr telnetd 8 , -.Xr tftpd 8 -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.3 . -TCPMUX is based on code and documentation by Mark Lottor. diff --git a/inetd.tproj/inetd.c b/inetd.tproj/inetd.c deleted file mode 100644 index 1b93a68..0000000 --- a/inetd.tproj/inetd.c +++ /dev/null @@ -1,1293 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1983, 1991, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static char copyright[] = -"@(#) Copyright (c) 1983, 1991, 1993, 1994\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)inetd.c 8.4 (Berkeley) 4/13/94"; -#endif /* not lint */ - -/* - * Inetd - Internet super-server - * - * This program invokes all internet services as needed. Connection-oriented - * services are invoked each time a connection is made, by creating a process. - * This process is passed the connection as file descriptor 0 and is expected - * to do a getpeername to find out the source host and port. - * - * Datagram oriented services are invoked when a datagram - * arrives; a process is created and passed a pending message - * on file descriptor 0. Datagram servers may either connect - * to their peer, freeing up the original socket for inetd - * to receive further messages on, or ``take over the socket'', - * processing all arriving datagrams and, eventually, timing - * out. The first type of server is said to be ``multi-threaded''; - * the second type of server ``single-threaded''. - * - * Inetd uses a configuration file which is read at startup - * and, possibly, at some later time in response to a hangup signal. - * The configuration file is ``free format'' with fields given in the - * order shown below. Continuation lines for an entry must being with - * a space or tab. All fields must be present in each entry. - * - * service name must be in /etc/services or must - * name a tcpmux service - * socket type stream/dgram/raw/rdm/seqpacket - * protocol must be in /etc/protocols - * wait/nowait single-threaded/multi-threaded - * user user to run daemon as - * server program full path name - * server program arguments maximum of MAXARGS (20) - * - * TCP services without official port numbers are handled with the - * RFC1078-based tcpmux internal service. Tcpmux listens on port 1 for - * requests. When a connection is made from a foreign host, the service - * requested is passed to tcpmux, which looks it up in the servtab list - * and returns the proper entry for the service. Tcpmux returns a - * negative reply if the service doesn't exist, otherwise the invoked - * server is expected to return the positive reply if the service type in - * inetd.conf file has the prefix "tcpmux/". If the service type has the - * prefix "tcpmux/+", tcpmux will return the positive reply for the - * process; this is for compatibility with older server code, and also - * allows you to invoke programs that use stdin/stdout without putting any - * special server code in them. Services that use tcpmux are "nowait" - * because they do not have a well-known port and hence cannot listen - * for new requests. - * - * Comment lines are indicated by a `#' in column 1. - */ -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "pathnames.h" - -#define TOOMANY 100 /* don't start more than TOOMANY */ -#define CNT_INTVL 60 /* servers in CNT_INTVL sec. */ -#define RETRYTIME (60*10) /* retry after bind or server fail */ - -#define SIGBLOCK (sigmask(SIGCHLD)|sigmask(SIGHUP)|sigmask(SIGALRM)) - - -int debug = 0; -int nsock, maxsock; -fd_set allsock; -int options; -int timingout; -int toomany = TOOMANY; -struct servent *sp; - -struct servtab { - char *se_service; /* name of service */ - int se_socktype; /* type of socket to use */ - char *se_proto; /* protocol used */ - short se_wait; /* single threaded server */ - short se_checked; /* looked at during merge */ - char *se_user; /* user name to run as */ - struct biltin *se_bi; /* if built-in, description */ - char *se_server; /* server program */ -#define MAXARGV 20 - char *se_argv[MAXARGV+1]; /* program arguments */ - int se_fd; /* open descriptor */ - int se_type; /* type */ - struct sockaddr_in se_ctrladdr;/* bound address */ - int se_count; /* number started since se_time */ - struct timeval se_time; /* start of se_count */ - struct servtab *se_next; -} *servtab; - -#define NORM_TYPE 0 -#define MUX_TYPE 1 -#define MUXPLUS_TYPE 2 -#define ISMUX(sep) (((sep)->se_type == MUX_TYPE) || \ - ((sep)->se_type == MUXPLUS_TYPE)) -#define ISMUXPLUS(sep) ((sep)->se_type == MUXPLUS_TYPE) - - -void chargen_dg __P((int, struct servtab *)); -void chargen_stream __P((int, struct servtab *)); -void close_sep __P((struct servtab *)); -void config __P((int)); -void daytime_dg __P((int, struct servtab *)); -void daytime_stream __P((int, struct servtab *)); -void discard_dg __P((int, struct servtab *)); -void discard_stream __P((int, struct servtab *)); -void echo_dg __P((int, struct servtab *)); -void echo_stream __P((int, struct servtab *)); -void endconfig __P((void)); -struct servtab *enter __P((struct servtab *)); -void freeconfig __P((struct servtab *)); -struct servtab *getconfigent __P((void)); -void machtime_dg __P((int, struct servtab *)); -void machtime_stream __P((int, struct servtab *)); -char *newstr __P((char *)); -char *nextline __P((FILE *)); -void print_service __P((char *, struct servtab *)); -void reapchild __P((int)); -void retry __P((int)); -int setconfig __P((void)); -void setup __P((struct servtab *)); -char *sskip __P((char **)); -char *skip __P((char **)); -struct servtab *tcpmux __P((int)); - -struct biltin { - char *bi_service; /* internally provided service name */ - int bi_socktype; /* type of socket supported */ - short bi_fork; /* 1 if should fork before call */ - short bi_wait; /* 1 if should wait for child */ - void (*bi_fn)(); /* function which performs it */ -} biltins[] = { - /* Echo received data */ - { "echo", SOCK_STREAM, 1, 0, echo_stream }, - { "echo", SOCK_DGRAM, 0, 0, echo_dg }, - - /* Internet /dev/null */ - { "discard", SOCK_STREAM, 1, 0, discard_stream }, - { "discard", SOCK_DGRAM, 0, 0, discard_dg }, - - /* Return 32 bit time since 1970 */ - { "time", SOCK_STREAM, 0, 0, machtime_stream }, - { "time", SOCK_DGRAM, 0, 0, machtime_dg }, - - /* Return human-readable time */ - { "daytime", SOCK_STREAM, 0, 0, daytime_stream }, - { "daytime", SOCK_DGRAM, 0, 0, daytime_dg }, - - /* Familiar character generator */ - { "chargen", SOCK_STREAM, 1, 0, chargen_stream }, - { "chargen", SOCK_DGRAM, 0, 0, chargen_dg }, - - { "tcpmux", SOCK_STREAM, 1, 0, (void (*)())tcpmux }, - - { NULL } -}; - -#define NUMINT (sizeof(intab) / sizeof(struct inent)) -char *CONFIG = _PATH_INETDCONF; -char *pid_file = _PATH_INETDPID; -char **Argv; -char *LastArg; - -int -main(argc, argv, envp) - int argc; - char *argv[], *envp[]; -{ - struct servtab *sep; - struct passwd *pwd; - struct sigvec sv; - int tmpint, ch, dofork; - pid_t pid; - char buf[50]; - - Argv = argv; - if (envp == 0 || *envp == 0) - envp = argv; - while (*envp) - envp++; - LastArg = envp[-1] + strlen(envp[-1]); - - openlog("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON); - - while ((ch = getopt(argc, argv, "dR:p:")) != EOF) - switch(ch) { - case 'd': - debug = 1; - options |= SO_DEBUG; - break; - case 'R': { /* invocation rate */ - char *p; - - tmpint = strtol(optarg, &p, 0); - if (tmpint < 1 || *p) - syslog(LOG_ERR, - "-R %s: bad value for service invocation rate", - optarg); - else - toomany = tmpint; - break; - } - case 'p': - pid_file = optarg; - break; - case '?': - default: - syslog(LOG_ERR, - "usage: inetd [-d] [-R rate] [conf-file]"); - exit(1); - } - argc -= optind; - argv += optind; - - if (argc > 0) - CONFIG = argv[0]; - if (debug == 0) { - FILE *fp; - daemon(0, 0); - - pid = getpid(); - fp = fopen(pid_file, "w"); - if( fp ) { - fprintf(fp, "%ld\n", (long)pid); - fclose(fp); - } else { - syslog(LOG_WARNING, "%s: %m", pid_file); - } - } - memset(&sv, 0, sizeof(sv)); - sv.sv_mask = SIGBLOCK; - sv.sv_handler = retry; - sigvec(SIGALRM, &sv, (struct sigvec *)0); - config(SIGHUP); - sv.sv_handler = config; - sigvec(SIGHUP, &sv, (struct sigvec *)0); - sv.sv_handler = reapchild; - sigvec(SIGCHLD, &sv, (struct sigvec *)0); - - { - /* space for daemons to overwrite environment for ps */ -#define DUMMYSIZE 100 - char dummy[DUMMYSIZE]; - - (void)memset(dummy, 'x', sizeof(DUMMYSIZE) - 1); - dummy[DUMMYSIZE - 1] = '\0'; - (void)setenv("inetd_dummy", dummy, 1); - } - - for (;;) { - int n, ctrl; - fd_set readable; - - if (nsock == 0) { - (void) sigblock(SIGBLOCK); - while (nsock == 0) - sigpause(0L); - (void) sigsetmask(0L); - } - readable = allsock; - if ((n = select(maxsock + 1, &readable, (fd_set *)0, - (fd_set *)0, (struct timeval *)0)) <= 0) { - if (n < 0 && errno != EINTR) { - syslog(LOG_WARNING, "select: %m"); - sleep(1); - } - continue; - } - for (sep = servtab; n && sep; sep = sep->se_next) - if (sep->se_fd != -1 && FD_ISSET(sep->se_fd, &readable)) { - n--; - if (debug) - fprintf(stderr, "someone wants %s\n", - sep->se_service); - if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) { - ctrl = accept(sep->se_fd, (struct sockaddr *)0, - (int *)0); - if (debug) - fprintf(stderr, "accept, ctrl %d\n", ctrl); - if (ctrl < 0) { - if (errno != EINTR) - syslog(LOG_WARNING, - "accept (for %s): %m", - sep->se_service); - continue; - } - /* - * Call tcpmux to find the real service to exec. - */ - if (sep->se_bi && - sep->se_bi->bi_fn == (void (*)()) tcpmux) { - sep = tcpmux(ctrl); - if (sep == NULL) { - close(ctrl); - continue; - } - } - } else - ctrl = sep->se_fd; - (void) sigblock(SIGBLOCK); - pid = 0; - dofork = (sep->se_bi == 0 || sep->se_bi->bi_fork); - if (dofork) { - if (sep->se_count++ == 0) - (void)gettimeofday(&sep->se_time, - (struct timezone *)0); - else if (sep->se_count >= toomany) { - struct timeval now; - - (void)gettimeofday(&now, (struct timezone *)0); - if (now.tv_sec - sep->se_time.tv_sec > - CNT_INTVL) { - sep->se_time = now; - sep->se_count = 1; - } else { - syslog(LOG_ERR, - "%s/%s server failing (looping), service terminated", - sep->se_service, sep->se_proto); - close_sep(sep); - sigsetmask(0L); - if (!timingout) { - timingout = 1; - alarm(RETRYTIME); - } - continue; - } - } - pid = fork(); - } - if (pid < 0) { - syslog(LOG_ERR, "fork: %m"); - if (!sep->se_wait && - sep->se_socktype == SOCK_STREAM) - close(ctrl); - sigsetmask(0L); - sleep(1); - continue; - } - if (pid && sep->se_wait) { - sep->se_wait = pid; - if (sep->se_fd >= 0) { - FD_CLR(sep->se_fd, &allsock); - nsock--; - } - } - sigsetmask(0L); - if (pid == 0) { - if (debug && dofork) - setsid(); - if (dofork) { - if (debug) - fprintf(stderr, "+ Closing from %d\n", - maxsock); - for (tmpint = maxsock; tmpint > 2; tmpint--) - if (tmpint != ctrl) - close(tmpint); - } - if (sep->se_bi) - (*sep->se_bi->bi_fn)(ctrl, sep); - else { - if (debug) - fprintf(stderr, "%d execl %s\n", - getpid(), sep->se_server); - dup2(ctrl, 0); - close(ctrl); - dup2(0, 1); - dup2(0, 2); - if ((pwd = getpwnam(sep->se_user)) == NULL) { - syslog(LOG_ERR, - "%s/%s: %s: No such user", - sep->se_service, sep->se_proto, - sep->se_user); - if (sep->se_socktype != SOCK_STREAM) - recv(0, buf, sizeof (buf), 0); - _exit(1); - } - if (pwd->pw_uid) { - if (setgid(pwd->pw_gid) < 0) { - syslog(LOG_ERR, - "%s: can't set gid %d: %m", - sep->se_service, pwd->pw_gid); - _exit(1); - } - (void) initgroups(pwd->pw_name, - pwd->pw_gid); - if (setuid(pwd->pw_uid) < 0) { - syslog(LOG_ERR, - "%s: can't set uid %d: %m", - sep->se_service, pwd->pw_uid); - _exit(1); - } - } - execv(sep->se_server, sep->se_argv); - if (sep->se_socktype != SOCK_STREAM) - recv(0, buf, sizeof (buf), 0); - syslog(LOG_ERR, - "cannot execute %s: %m", sep->se_server); - _exit(1); - } - } - if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) - close(ctrl); - } - } -} - -void -reapchild(signo) - int signo; -{ - int status; - pid_t pid; - struct servtab *sep; - - for (;;) { - pid = wait3(&status, WNOHANG, (struct rusage *)0); - if (pid <= 0) - break; - if (debug) - fprintf(stderr, "%d reaped, status %#x\n", - pid, status); - for (sep = servtab; sep; sep = sep->se_next) - if (sep->se_wait == pid) { - if (status) - syslog(LOG_WARNING, - "%s: exit status 0x%x", - sep->se_server, status); - if (debug) - fprintf(stderr, "restored %s, fd %d\n", - sep->se_service, sep->se_fd); - FD_SET(sep->se_fd, &allsock); - nsock++; - sep->se_wait = 1; - } - } -} - -void -config(signo) - int signo; -{ - struct servtab *sep, *cp, **sepp; - struct passwd *pwd; - long omask; - - if (!setconfig()) { - syslog(LOG_ERR, "%s: %m", CONFIG); - return; - } - for (sep = servtab; sep; sep = sep->se_next) - sep->se_checked = 0; - while (cp = getconfigent()) { - if ((pwd = getpwnam(cp->se_user)) == NULL) { - syslog(LOG_ERR, - "%s/%s: No such user '%s', service ignored", - cp->se_service, cp->se_proto, cp->se_user); - continue; - } - for (sep = servtab; sep; sep = sep->se_next) - if (strcmp(sep->se_service, cp->se_service) == 0 && - strcmp(sep->se_proto, cp->se_proto) == 0) - break; - if (sep != 0) { - int i; - - omask = sigblock(SIGBLOCK); - /* - * sep->se_wait may be holding the pid of a daemon - * that we're waiting for. If so, don't overwrite - * it unless the config file explicitly says don't - * wait. - */ - if (cp->se_bi == 0 && - (sep->se_wait == 1 || cp->se_wait == 0)) - sep->se_wait = cp->se_wait; -#define SWAP(a, b) { char *c = a; a = b; b = c; } - if (cp->se_user) - SWAP(sep->se_user, cp->se_user); - if (cp->se_server) - SWAP(sep->se_server, cp->se_server); - for (i = 0; i < MAXARGV; i++) - SWAP(sep->se_argv[i], cp->se_argv[i]); - sigsetmask(omask); - freeconfig(cp); - if (debug) - print_service("REDO", sep); - } else { - sep = enter(cp); - if (debug) - print_service("ADD ", sep); - } - sep->se_checked = 1; - if (ISMUX(sep)) { - sep->se_fd = -1; - continue; - } - sp = getservbyname(sep->se_service, sep->se_proto); - if (sp == 0) { - syslog(LOG_ERR, "%s/%s: unknown service", - sep->se_service, sep->se_proto); - sep->se_checked = 0; - continue; - } - if (sp->s_port != sep->se_ctrladdr.sin_port) { - sep->se_ctrladdr.sin_family = AF_INET; - sep->se_ctrladdr.sin_port = sp->s_port; - if (sep->se_fd >= 0) - close_sep(sep); - } - if (sep->se_fd == -1) - setup(sep); - } - endconfig(); - /* - * Purge anything not looked at above. - */ - omask = sigblock(SIGBLOCK); - sepp = &servtab; - while (sep = *sepp) { - if (sep->se_checked) { - sepp = &sep->se_next; - continue; - } - *sepp = sep->se_next; - if (sep->se_fd >= 0) - close_sep(sep); - if (debug) - print_service("FREE", sep); - freeconfig(sep); - free((char *)sep); - } - (void) sigsetmask(omask); -} - -void -retry(signo) - int signo; -{ - struct servtab *sep; - - timingout = 0; - for (sep = servtab; sep; sep = sep->se_next) - if (sep->se_fd == -1) - setup(sep); -} - -void -setup(sep) - struct servtab *sep; -{ - int on = 1; - - if ((sep->se_fd = socket(AF_INET, sep->se_socktype, 0)) < 0) { - if (debug) - fprintf(stderr, "socket failed on %s/%s: %s\n", - sep->se_service, sep->se_proto, - strerror(errno)); - syslog(LOG_ERR, "%s/%s: socket: %m", - sep->se_service, sep->se_proto); - return; - } -#define turnon(fd, opt) \ -setsockopt(fd, SOL_SOCKET, opt, (char *)&on, sizeof (on)) - if (strcmp(sep->se_proto, "tcp") == 0 && (options & SO_DEBUG) && - turnon(sep->se_fd, SO_DEBUG) < 0) - syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m"); - if (turnon(sep->se_fd, SO_REUSEADDR) < 0) - syslog(LOG_ERR, "setsockopt (SO_REUSEADDR): %m"); -#undef turnon - if (bind(sep->se_fd, (struct sockaddr *)&sep->se_ctrladdr, - sizeof (sep->se_ctrladdr)) < 0) { - if (debug) - fprintf(stderr, "bind failed on %s/%s: %s\n", - sep->se_service, sep->se_proto, - strerror(errno)); - syslog(LOG_ERR, "%s/%s: bind: %m", - sep->se_service, sep->se_proto); - (void) close(sep->se_fd); - sep->se_fd = -1; - if (!timingout) { - timingout = 1; - alarm(RETRYTIME); - } - return; - } - if (sep->se_socktype == SOCK_STREAM) - listen(sep->se_fd, 10); - FD_SET(sep->se_fd, &allsock); - nsock++; - if (sep->se_fd > maxsock) - maxsock = sep->se_fd; - if (debug) { - fprintf(stderr, "registered %s on %d\n", - sep->se_server, sep->se_fd); - } -} - -/* - * Finish with a service and its socket. - */ -void -close_sep(sep) - struct servtab *sep; -{ - if (sep->se_fd >= 0) { - nsock--; - FD_CLR(sep->se_fd, &allsock); - (void) close(sep->se_fd); - sep->se_fd = -1; - } - sep->se_count = 0; - /* - * Don't keep the pid of this running deamon: when reapchild() - * reaps this pid, it would erroneously increment nsock. - */ - if (sep->se_wait > 1) - sep->se_wait = 1; -} - -struct servtab * -enter(cp) - struct servtab *cp; -{ - struct servtab *sep; - long omask; - - sep = (struct servtab *)malloc(sizeof (*sep)); - if (sep == (struct servtab *)0) { - syslog(LOG_ERR, "Out of memory."); - exit(-1); - } - *sep = *cp; - sep->se_fd = -1; - omask = sigblock(SIGBLOCK); - sep->se_next = servtab; - servtab = sep; - sigsetmask(omask); - return (sep); -} - -FILE *fconfig = NULL; -struct servtab serv; -char line[LINE_MAX]; - -int -setconfig() -{ - - if (fconfig != NULL) { - fseek(fconfig, 0L, SEEK_SET); - return (1); - } - fconfig = fopen(CONFIG, "r"); - return (fconfig != NULL); -} - -void -endconfig() -{ - if (fconfig) { - (void) fclose(fconfig); - fconfig = NULL; - } -} - -struct servtab * -getconfigent() -{ - struct servtab *sep = &serv; - int argc; - char *cp, *arg; - static char TCPMUX_TOKEN[] = "tcpmux/"; -#define MUX_LEN (sizeof(TCPMUX_TOKEN)-1) - -more: - while ((cp = nextline(fconfig)) && (*cp == '#' || *cp == '\0')) - ; - if (cp == NULL) - return ((struct servtab *)0); - /* - * clear the static buffer, since some fields (se_ctrladdr, - * for example) don't get initialized here. - */ - memset((caddr_t)sep, 0, sizeof *sep); - arg = skip(&cp); - if (cp == NULL) { - /* got an empty line containing just blanks/tabs. */ - goto more; - } - if (strncmp(arg, TCPMUX_TOKEN, MUX_LEN) == 0) { - char *c = arg + MUX_LEN; - if (*c == '+') { - sep->se_type = MUXPLUS_TYPE; - c++; - } else - sep->se_type = MUX_TYPE; - sep->se_service = newstr(c); - } else { - sep->se_service = newstr(arg); - sep->se_type = NORM_TYPE; - } - arg = sskip(&cp); - if (strcmp(arg, "stream") == 0) - sep->se_socktype = SOCK_STREAM; - else if (strcmp(arg, "dgram") == 0) - sep->se_socktype = SOCK_DGRAM; - else if (strcmp(arg, "rdm") == 0) - sep->se_socktype = SOCK_RDM; - else if (strcmp(arg, "seqpacket") == 0) - sep->se_socktype = SOCK_SEQPACKET; - else if (strcmp(arg, "raw") == 0) - sep->se_socktype = SOCK_RAW; - else - sep->se_socktype = -1; - sep->se_proto = newstr(sskip(&cp)); - arg = sskip(&cp); - sep->se_wait = strcmp(arg, "wait") == 0; - if (ISMUX(sep)) { - /* - * Silently enforce "nowait" for TCPMUX services since - * they don't have an assigned port to listen on. - */ - sep->se_wait = 0; - - if (strcmp(sep->se_proto, "tcp")) { - syslog(LOG_ERR, - "%s: bad protocol for tcpmux service %s", - CONFIG, sep->se_service); - goto more; - } - if (sep->se_socktype != SOCK_STREAM) { - syslog(LOG_ERR, - "%s: bad socket type for tcpmux service %s", - CONFIG, sep->se_service); - goto more; - } - } - sep->se_user = newstr(sskip(&cp)); - sep->se_server = newstr(sskip(&cp)); - if (strcmp(sep->se_server, "internal") == 0) { - struct biltin *bi; - - for (bi = biltins; bi->bi_service; bi++) - if (bi->bi_socktype == sep->se_socktype && - strcmp(bi->bi_service, sep->se_service) == 0) - break; - if (bi->bi_service == 0) { - syslog(LOG_ERR, "internal service %s unknown", - sep->se_service); - goto more; - } - sep->se_bi = bi; - sep->se_wait = bi->bi_wait; - } else - sep->se_bi = NULL; - argc = 0; - for (arg = skip(&cp); cp; arg = skip(&cp)) - if (argc < MAXARGV) - sep->se_argv[argc++] = newstr(arg); - while (argc <= MAXARGV) - sep->se_argv[argc++] = NULL; - return (sep); -} - -void -freeconfig(cp) - struct servtab *cp; -{ - int i; - - if (cp->se_service) - free(cp->se_service); - if (cp->se_proto) - free(cp->se_proto); - if (cp->se_user) - free(cp->se_user); - if (cp->se_server) - free(cp->se_server); - for (i = 0; i < MAXARGV; i++) - if (cp->se_argv[i]) - free(cp->se_argv[i]); -} - - -/* - * Safe skip - if skip returns null, log a syntax error in the - * configuration file and exit. - */ -char * -sskip(cpp) - char **cpp; -{ - char *cp; - - cp = skip(cpp); - if (cp == NULL) { - syslog(LOG_ERR, "%s: syntax error", CONFIG); - exit(-1); - } - return (cp); -} - -char * -skip(cpp) - char **cpp; -{ - char *cp = *cpp; - char *start; - -again: - while (*cp == ' ' || *cp == '\t') - cp++; - if (*cp == '\0') { - int c; - - c = getc(fconfig); - (void) ungetc(c, fconfig); - if (c == ' ' || c == '\t') - if (cp = nextline(fconfig)) - goto again; - *cpp = (char *)0; - return ((char *)0); - } - start = cp; - while (*cp && *cp != ' ' && *cp != '\t') - cp++; - if (*cp != '\0') - *cp++ = '\0'; - *cpp = cp; - return (start); -} - -char * -nextline(fd) - FILE *fd; -{ - char *cp; - - if (fgets(line, sizeof (line), fd) == NULL) - return ((char *)0); - cp = strchr(line, '\n'); - if (cp) - *cp = '\0'; - return (line); -} - -char * -newstr(cp) - char *cp; -{ - if (cp = strdup(cp ? cp : "")) - return (cp); - syslog(LOG_ERR, "strdup: %m"); - exit(-1); -} - -void -setproctitle(a, s) - char *a; - int s; -{ - int size; - char *cp; - struct sockaddr_in sin; - char buf[80]; - - cp = Argv[0]; - size = sizeof(sin); - if (getpeername(s, (struct sockaddr *)&sin, &size) == 0) - (void) sprintf(buf, "-%s [%s]", a, inet_ntoa(sin.sin_addr)); - else - (void) sprintf(buf, "-%s", a); - strncpy(cp, buf, LastArg - cp); - cp += strlen(cp); - while (cp < LastArg) - *cp++ = ' '; -} - -/* - * Internet services provided internally by inetd: - */ -#define BUFSIZE 8192 - -/* ARGSUSED */ -void -echo_stream(s, sep) /* Echo service -- echo data back */ - int s; - struct servtab *sep; -{ - char buffer[BUFSIZE]; - int i; - - setproctitle(sep->se_service, s); - while ((i = read(s, buffer, sizeof(buffer))) > 0 && - write(s, buffer, i) > 0) - ; - exit(0); -} - -/* ARGSUSED */ -void -echo_dg(s, sep) /* Echo service -- echo data back */ - int s; - struct servtab *sep; -{ - char buffer[BUFSIZE]; - int i, size; - struct sockaddr sa; - - size = sizeof(sa); - if ((i = recvfrom(s, buffer, sizeof(buffer), 0, &sa, &size)) < 0) - return; - (void) sendto(s, buffer, i, 0, &sa, sizeof(sa)); -} - -/* ARGSUSED */ -void -discard_stream(s, sep) /* Discard service -- ignore data */ - int s; - struct servtab *sep; -{ - int ret; - char buffer[BUFSIZE]; - - setproctitle(sep->se_service, s); - while (1) { - while ((ret = read(s, buffer, sizeof(buffer))) > 0) - ; - if (ret == 0 || errno != EINTR) - break; - } - exit(0); -} - -/* ARGSUSED */ -void -discard_dg(s, sep) /* Discard service -- ignore data */ - int s; - struct servtab *sep; -{ - char buffer[BUFSIZE]; - - (void) read(s, buffer, sizeof(buffer)); -} - -#include -#define LINESIZ 72 -char ring[128]; -char *endring; - -void -initring() -{ - int i; - - endring = ring; - - for (i = 0; i <= 128; ++i) - if (isprint(i)) - *endring++ = i; -} - -/* ARGSUSED */ -void -chargen_stream(s, sep) /* Character generator */ - int s; - struct servtab *sep; -{ - int len; - char *rs, text[LINESIZ+2]; - - setproctitle(sep->se_service, s); - - if (!endring) { - initring(); - rs = ring; - } - - text[LINESIZ] = '\r'; - text[LINESIZ + 1] = '\n'; - for (rs = ring;;) { - if ((len = endring - rs) >= LINESIZ) - memmove(text, rs, LINESIZ); - else { - memmove(text, rs, len); - memmove(text + len, ring, LINESIZ - len); - } - if (++rs == endring) - rs = ring; - if (write(s, text, sizeof(text)) != sizeof(text)) - break; - } - exit(0); -} - -/* ARGSUSED */ -void -chargen_dg(s, sep) /* Character generator */ - int s; - struct servtab *sep; -{ - struct sockaddr sa; - static char *rs; - int len, size; - char text[LINESIZ+2]; - - if (endring == 0) { - initring(); - rs = ring; - } - - size = sizeof(sa); - if (recvfrom(s, text, sizeof(text), 0, &sa, &size) < 0) - return; - - if ((len = endring - rs) >= LINESIZ) - memmove(text, rs, LINESIZ); - else { - memmove(text, rs, len); - memmove(text + len, ring, LINESIZ - len); - } - if (++rs == endring) - rs = ring; - text[LINESIZ] = '\r'; - text[LINESIZ + 1] = '\n'; - (void) sendto(s, text, sizeof(text), 0, &sa, sizeof(sa)); -} - -/* - * Return a machine readable date and time, in the form of the - * number of seconds since midnight, Jan 1, 1900. Since gettimeofday - * returns the number of seconds since midnight, Jan 1, 1970, - * we must add 2208988800 seconds to this figure to make up for - * some seventy years Bell Labs was asleep. - */ - -long -machtime() -{ - struct timeval tv; - - if (gettimeofday(&tv, (struct timezone *)0) < 0) { - if (debug) - fprintf(stderr, "Unable to get time of day\n"); - return (0L); - } -#define OFFSET ((u_long)25567 * 24*60*60) - return (htonl((long)(tv.tv_sec + OFFSET))); -#undef OFFSET -} - -/* ARGSUSED */ -void -machtime_stream(s, sep) - int s; - struct servtab *sep; -{ - long result; - - result = machtime(); - (void) write(s, (char *) &result, sizeof(result)); -} - -/* ARGSUSED */ -void -machtime_dg(s, sep) - int s; - struct servtab *sep; -{ - long result; - struct sockaddr sa; - int size; - - size = sizeof(sa); - if (recvfrom(s, (char *)&result, sizeof(result), 0, &sa, &size) < 0) - return; - result = machtime(); - (void) sendto(s, (char *) &result, sizeof(result), 0, &sa, sizeof(sa)); -} - -/* ARGSUSED */ -void -daytime_stream(s, sep) /* Return human-readable time of day */ - int s; - struct servtab *sep; -{ - char buffer[256]; - time_t clock; - - clock = time((time_t *) 0); - - (void) sprintf(buffer, "%.24s\r\n", ctime(&clock)); - (void) write(s, buffer, strlen(buffer)); -} - -/* ARGSUSED */ -void -daytime_dg(s, sep) /* Return human-readable time of day */ - int s; - struct servtab *sep; -{ - char buffer[256]; - time_t clock; - struct sockaddr sa; - int size; - - clock = time((time_t *) 0); - - size = sizeof(sa); - if (recvfrom(s, buffer, sizeof(buffer), 0, &sa, &size) < 0) - return; - (void) sprintf(buffer, "%.24s\r\n", ctime(&clock)); - (void) sendto(s, buffer, strlen(buffer), 0, &sa, sizeof(sa)); -} - -/* - * print_service: - * Dump relevant information to stderr - */ -void -print_service(action, sep) - char *action; - struct servtab *sep; -{ - fprintf(stderr, - "%s: %s proto=%s, wait=%d, user=%s builtin=%x server=%s\n", - action, sep->se_service, sep->se_proto, - sep->se_wait, sep->se_user, (int)sep->se_bi, sep->se_server); -} - -/* - * Based on TCPMUX.C by Mark K. Lottor November 1988 - * sri-nic::ps:tcpmux.c - */ - - -static int /* # of characters upto \r,\n or \0 */ -getline(fd, buf, len) - int fd; - char *buf; - int len; -{ - int count = 0, n; - - do { - n = read(fd, buf, len-count); - if (n == 0) - return (count); - if (n < 0) - return (-1); - while (--n >= 0) { - if (*buf == '\r' || *buf == '\n' || *buf == '\0') - return (count); - count++; - buf++; - } - } while (count < len); - return (count); -} - -#define MAX_SERV_LEN (256+2) /* 2 bytes for \r\n */ - -#define strwrite(fd, buf) (void) write(fd, buf, sizeof(buf)-1) - -struct servtab * -tcpmux(s) - int s; -{ - struct servtab *sep; - char service[MAX_SERV_LEN+1]; - int len; - - /* Get requested service name */ - if ((len = getline(s, service, MAX_SERV_LEN)) < 0) { - strwrite(s, "-Error reading service name\r\n"); - return (NULL); - } - service[len] = '\0'; - - if (debug) - fprintf(stderr, "tcpmux: someone wants %s\n", service); - - /* - * Help is a required command, and lists available services, - * one per line. - */ - if (!strcasecmp(service, "help")) { - for (sep = servtab; sep; sep = sep->se_next) { - if (!ISMUX(sep)) - continue; - (void)write(s,sep->se_service,strlen(sep->se_service)); - strwrite(s, "\r\n"); - } - return (NULL); - } - - /* Try matching a service in inetd.conf with the request */ - for (sep = servtab; sep; sep = sep->se_next) { - if (!ISMUX(sep)) - continue; - if (!strcasecmp(service, sep->se_service)) { - if (ISMUXPLUS(sep)) { - strwrite(s, "+Go\r\n"); - } - return (sep); - } - } - strwrite(s, "-Service not available\r\n"); - return (NULL); -} diff --git a/inetd.tproj/pathnames.h b/inetd.tproj/pathnames.h deleted file mode 100644 index 4a7b367..0000000 --- a/inetd.tproj/pathnames.h +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1999 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/6/93 - */ - -#include - -#define _PATH_INETDCONF "/etc/inetd.conf" - -#ifndef _PATH_VARRUN -#define _PATH_VARRUN "/var/run/" -#endif - -#define _PATH_INETDPID _PATH_VARRUN "inetd.pid" diff --git a/ip6conf.tproj/ip6tool.c b/ip6conf.tproj/ip6tool.c index 8d044f9..37f7846 100644 --- a/ip6conf.tproj/ip6tool.c +++ b/ip6conf.tproj/ip6tool.c @@ -2,21 +2,22 @@ * * @APPLE_LICENSE_HEADER_START@ * -* "Portions Copyright (c) 2002 Apple Computer, Inc. All Rights -* Reserved. This file contains Original Code and/or Modifications of -* Original Code as defined in and that are subject to the Apple Public -* Source License Version 1.0 (the 'License'). You may not use this file -* except in compliance with the License. Please obtain a copy of the -* License at http://www.apple.com/publicsource and read it before using -* this file. +* Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. +* +* This file contains Original Code and/or Modifications of Original Code +* as defined in and that are subject to the Apple Public Source License +* Version 2.0 (the 'License'). You may not use this file except in +* compliance with the License. Please obtain a copy of the License at +* http://www.opensource.apple.com/apsl/ and read it before using this +* file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, -* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the -* License for the specific language governing rights and limitations -* under the License." +* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. +* Please see the License for the specific language governing rights and +* limitations under the License. * * @APPLE_LICENSE_HEADER_END@ * diff --git a/ipfw.tproj/Makefile b/ipfw.tproj/Makefile index 7114d40..095923b 100644 --- a/ipfw.tproj/Makefile +++ b/ipfw.tproj/Makefile @@ -12,7 +12,7 @@ NAME = ipfw PROJECTVERSION = 2.8 PROJECT_TYPE = Tool -CFILES = ipfw.c +CFILES = ipfw2.c OTHERSRCS = Makefile.preamble Makefile Makefile.postamble ipfw.8 diff --git a/ipfw.tproj/ipfw.8 b/ipfw.tproj/ipfw.8 index c332dc0..71f6bec 100644 --- a/ipfw.tproj/ipfw.8 +++ b/ipfw.tproj/ipfw.8 @@ -1,4 +1,7 @@ -.Dd July 2, 2003 +.\" +.\" $FreeBSD: /repoman/r/ncvs/src/sbin/ipfw/ipfw.8,v 1.63.2.38 2003/07/28 07:15:13 luigi Exp $ +.\" +.Dd August 13, 2002 .Dt IPFW 8 .Os Darwin .Sh NAME @@ -6,67 +9,126 @@ .Nd IP firewall and traffic shaper control program .Sh SYNOPSIS .Nm -.Op Fl q -.Oo -.Fl p Ar preproc -.Oo Fl D -.Ar macro Ns Op = Ns Ar value -.Oc -.Op Fl U Ar macro -.Oc -.Ar pathname +.Op Fl cq +.Cm add +.Ar rule +.Nm +.Op Fl acdefnNStT +.Brq Cm list | show +.Op Ar rule | first-last ... .Nm .Op Fl f | q .Cm flush .Nm .Op Fl q -.Es \&{ \&} -.En Cm zero | resetlog | delete +.Brq Cm delete | zero | resetlog +.Op Cm set .Op Ar number ... .Nm +.Cm enable +.Brq Cm firewall | one_pass | debug | verbose | dyn_keepalive +.Nm +.Cm disable +.Brq Cm firewall | one_pass | debug | verbose | dyn_keepalive +.Pp +.Nm +.Cm set Oo Cm disable Ar number ... Oc Op Cm enable Ar number ... +.Nm +.Cm set move +.Op Cm rule +.Ar number Cm to Ar number +.Nm +.Cm set swap Ar number number +.Nm +.Cm set show +.Pp +.Nm +.Brq Cm pipe | queue +.Ar number +.Cm config +.Ar config-options +.Nm .Op Fl s Op Ar field -.Op Fl aftN -.Es \&{ \&} -.En Cm list | show +.Brq Cm pipe | queue +.Brq Cm delete | list | show .Op Ar number ... +.Pp .Nm -.Op Fl q -.Cm add -.Op Ar number -.Ar rule-body +.Op Fl cnNqS +.Oo +.Fl p Ar preproc +.Oo +.Ar preproc-flags +.Oc +.Oc +.Ar pathname .Sh DESCRIPTION +The .Nm -is the user interface for controlling the -.Xr ipfirewall 4 -. +utility is the user interface for controlling the +.Xr ipfw 4 +firewall and the +.Xr dummynet 4 +traffic shaper in +.Fx . .Pp -Each incoming or outgoing packet is passed through the +.Bd -ragged -offset XXXX +.Em NOTE: +this manual page documents the newer version of .Nm -rules. -If the host is acting as a gateway, packets forwarded by -the gateway are processed by +introduced in +.Fx +CURRENT in July 2002, also known as +.Nm ipfw2 . +.Nm ipfw2 +is a superset of the old firewall, +.Nm ipfw1 . +The differences between the two are listed in Section +.Sx IPFW2 ENHANCEMENTS , +which you are encouraged to read to revise older rulesets and possibly +write them more efficiently. +See Section +.Sx USING IPFW2 IN FreeBSD-STABLE +for instructions on how to run +.Nm ipfw2 +on +.Fx +STABLE. +.Ed +.Pp +An +.Nm +configuration, or +.Em ruleset , +is made of a list of +.Em rules +numbered from 1 to 65535. +Packets are passed to .Nm -twice. -When the host is acting as a bridge, packets forwarded by -the bridge are processed by +from a number of different places in the protocol stack +(depending on the source and destination of the packet, +it is possible that .Nm -once. +is invoked multiple times on the same packet). +The packet passed to the firewall is compared +against each of the rules in the firewall +.Em ruleset . +When a match is found, the action corresponding to the +matching rule is performed. .Pp -A firewall configuration is made of a list of numbered rules, -which is scanned for each packet until a match is found and -the relevant action is performed. Depending on the action and certain system settings, packets -can be reinjected into the firewall at the rule after the +can be reinjected into the firewall at some rule after the matching one for further processing. -All rules apply to all interfaces, so it is responsibility -of the system administrator to write the ruleset in such a -way as to minimize the number of checks. -.Pp -A configuration always includes a -.Em DEFAULT -rule (numbered 65535) which cannot be modified by the programmer -and always matches packets. -The action associated with the default rule can be either +.Pp +An +.Nm +ruleset always includes a +.Em default +rule (numbered 65535) which cannot be modified or deleted, +and matches all packets. +The action associated with the +.Em default +rule can be either .Cm deny or .Cm allow @@ -74,25 +136,28 @@ depending on how the kernel is configured. .Pp If the ruleset includes one or more rules with the .Cm keep-state +or +.Cm limit option, then .Nm assumes a .Em stateful -behaviour, i.e. upon a match will create dynamic rules matching +behaviour, i.e. upon a match it will create dynamic rules matching the exact parameters (addresses and ports) of the matching packet. .Pp These dynamic rules, which have a limited lifetime, are checked at the first occurrence of a -.Cm check-state -or +.Cm check-state , .Cm keep-state +or +.Cm limit rule, and are typically used to open the firewall on-demand to legitimate traffic only. See the -.Sx RULE FORMAT +.Sx STATEFUL FIREWALL and .Sx EXAMPLES -sections below for more information on the stateful behaviour of +Sections below for more information on the stateful behaviour of .Nm . .Pp All rules (including dynamic ones) have a few associated counters: @@ -104,9 +169,9 @@ commands. .Pp Rules can be added with the .Cm add -command; deleted individually with the +command; deleted individually or in groups with the .Cm delete -command, and globally with the +command, and globally (except those in set 31) with the .Cm flush command; displayed, optionally with the content of the counters, using the @@ -120,19 +185,46 @@ and .Cm resetlog commands. .Pp +Also, each rule belongs to one of 32 different +.Em sets +, and there are +.Nm +commands to atomically manipulate sets, such as enable, +disable, swap sets, move all rules in a set to another +one, delete all rules in a set. These can be useful to +install temporary configurations, or to test them. +See Section +.Sx SETS OF RULES +for more information on +.Em sets . +.Pp The following options are available: .Bl -tag -width indent .It Fl a While listing, show counter values. -See also the +The .Cm show -command. +command just implies this option. +.It Fl c +When entering or showing rules, print them in compact form, +i.e. without the optional "ip from any to any" string +when this does not carry any additional information. +.It Fl d +While listing, show dynamic rules in addition to static ones. +.It Fl e +While listing, if the +.Fl d +option was specified, also show expired dynamic rules. .It Fl f Don't ask for confirmation for commands that can cause problems if misused, .No i.e. Cm flush . -.Em Note , -if there is no tty associated with the process, this is implied. +If there is no tty associated with the process, this is implied. +.It Fl n +Only check syntax of the command strings, without actually passing +them to the kernel. +.It Fl N +Try to resolve addresses and service names in output. .It Fl q While .Cm add Ns ing , @@ -150,32 +242,39 @@ commands in a script .Ql sh\ /etc/rc.firewall ) , or by processing a file of many .Nm -rules, -across a remote login session. +rules across a remote login session. If a .Cm flush is performed in normal (verbose) mode (with the default kernel configuration), it prints a message. -Because all rules are flushed, the message cannot be delivered -to the login session. -This causes the remote login session to be closed and the -remainder of the ruleset is not processed. -Access to the console is required to recover. +Because all rules are flushed, the message might not be delivered +to the login session, causing the remote login session to be closed +and the remainder of the ruleset to not be processed. +Access to the console would then be required to recover. +.It Fl S +While listing rules, show the +.Em set +each rule belongs to. +If this flag is not specified, disabled rules will not be +listed. +.It Fl s Op Ar field +While listing pipes, sort according to one of the four +counters (total or current packets or bytes). .It Fl t -While listing, show last match timestamp. -.It Fl N -Try to resolve addresses and service names in output. +While listing, show last match timestamp (converted with ctime()). +.It Fl T +While listing, show last match timestamp (as seconds from the epoch). +This form can be more convenient for postprocessing by scripts. .El .Pp To ease configuration, rules can be put into a file which is processed using .Nm -as shown in the first synopsis line. +as shown in the last synopsis line. An absolute .Ar pathname must be used. -The file -will be read line by line and applied as arguments to the +The file will be read line by line and applied as arguments to the .Nm utility. .Pp @@ -196,287 +295,556 @@ as its first character, the usual .Ev PATH name search is performed. Care should be taken with this in environments where not all -filesystems are mounted (yet) by the time +file systems are mounted (yet) by the time .Nm is being run (e.g. when they are mounted over NFS). Once .Fl p -has been specified, optional -.Fl D -and -.Fl U -specifications can follow and will be passed on to the preprocessor. +has been specified, any additional arguments as passed on to the preprocessor +for interpretation. This allows for flexible configuration files (like conditionalizing them on the local hostname) and the use of macros to centralize frequently required arguments like IP addresses. -.Sh RULE FORMAT +.Pp The .Nm -rule format is the following: -.Bd -ragged +.Cm pipe +and +.Cm queue +commands are used to configure the traffic shaper, as shown in the +.Sx TRAFFIC SHAPER (DUMMYNET) CONFIGURATION +Section below. +.Pp +If the world and the kernel get out of sync the +.Nm +ABI may break, preventing you from being able to add any rules. This can +adversely effect the booting process. You can use +.Nm +.Cm disable +.Cm firewall +to temporarily disable the firewall to regain access to the network, +allowing you to fix the problem. +.Sh PACKET FLOW +A packet is checked against the active ruleset in multiple places +in the protocol stack, under control of several sysctl variables. +These places and variables are shown below, and it is important to +have this picture in mind in order to design a correct ruleset. +.Bd -literal -offset indent + ^ to upper layers V + | | + +----------->-----------+ + ^ V + [ip_input] [ip_output] net.inet.ip.fw.enable=1 + | | + ^ V +[ether_demux] [ether_output_frame] net.link.ether.ipfw=1 + | | + +-->--[bdg_forward]-->--+ net.link.ether.bridge_ipfw=1 + ^ V + | to devices | +.Ed +.Pp +As can be noted from the above picture, the number of +times the same packet goes through the firewall can +vary between 0 and 4 depending on packet source and +destination, and system configuration. +.Pp +Note that as packets flow through the stack, headers can be +stripped or added to it, and so they may or may not be available +for inspection. +E.g., incoming packets will include the MAC header when +.Nm +is invoked from +.Cm ether_demux() , +but the same packets will have the MAC header stripped off when +.Nm +is invoked from +.Cm ip_input() . +.Pp +Also note that each packet is always checked against the complete ruleset, +irrespective of the place where the check occurs, or the source of the packet. +If a rule contains some match patterns or actions which are not valid +for the place of invocation (e.g. trying to match a MAC header within +.Cm ip_input() +), the match pattern will not match, but a +.Cm not +operator in front of such patterns +.Em will +cause the pattern to +.Em always +match on those packets. +It is thus the responsibility of +the programmer, if necessary, to write a suitable ruleset to +differentiate among the possible places. +.Cm skipto +rules can be useful here, as an example: +.Bd -literal -offset indent +# packets from ether_demux or bdg_forward +ipfw add 10 skipto 1000 all from any to any layer2 in +# packets from ip_input +ipfw add 10 skipto 2000 all from any to any not layer2 in +# packets from ip_output +ipfw add 10 skipto 3000 all from any to any not layer2 out +# packets from ether_output_frame +ipfw add 10 skipto 4000 all from any to any layer2 out +.Ed +.Pp +(yes, at the moment there is no way to differentiate between +ether_demux and bdg_forward). +.Sh SYNTAX +In general, each keyword or argument must be provided as +a separate command line argument, with no leading or trailing +spaces. Keywords are case-sensitive, whereas arguments may +or may not be case-sensitive depending on their nature +(e.g. uid's are, hostnames are not). +.Pp +In +.Nm ipfw2 +you can introduce spaces after commas ',' to make +the line more readable. You can also put the entire +command (including flags) into a single argument. +E.g. the following forms are equivalent: +.Bd -literal -offset indent +ipfw -q add deny src-ip 10.0.0.0/24,127.0.0.1/8 +ipfw -q add deny src-ip 10.0.0.0/24, 127.0.0.1/8 +ipfw "-q add deny src-ip 10.0.0.0/24, 127.0.0.1/8" +.Ed +.Sh RULE FORMAT +The format of +.Nm +rules is the following: +.Bd -ragged -offset indent +.Op Ar rule_number +.Op Cm set Ar set_number .Op Cm prob Ar match_probability -.Ar action +.br +.Ar " " action .Op Cm log Op Cm logamount Ar number -.Ar proto -.Cm from Ar src -.Cm to Ar dst -.Op Ar interface-spec -.Op Ar options +.Ar body .Ed .Pp -Each packet can be filtered based on the following information that is -associated with it: +where the body of the rule specifies which information is used +for filtering packets, among the following: .Pp -.Bl -tag -width "Source and destination IP address" -offset indent -compact -.It Transmit and receive interface -(by name or address) +.Bl -tag -width "Source and dest. addresses and ports" -offset XXX -compact +.It Layer-2 header fields +When available +.It IPv4 Protocol +TCP, UDP, ICMP, etc. +.It Source and dest. addresses and ports .It Direction -(incoming or outgoing) -.It Source and destination IP address -(possibly masked) -.It Protocol -(TCP, UDP, ICMP, etc.) -.It Source and destination port -(lists, ranges or masks) -.It TCP flags -.It IP fragment flag +See Section +.Sx PACKET FLOW +.It Transmit and receive interface +By name or address +.It Misc. IP header fields +Version, type of service, datagram length, identification, +fragment flag (non-zero IP offset), +Time To Live .It IP options +.It Misc. TCP header fields +TCP flags (SYN, FIN, ACK, RST, etc.), +sequence number, acknowledgment number, +window +.It TCP options .It ICMP types -.It User ID of the socket associated with the packet +for ICMP packets +.It User/group ID +When the packet can be associated with a local socket. .El .Pp -Note that it may be dangerous to filter on the source IP -address or source TCP/UDP port because either or both could -easily be spoofed. +Note that some of the above information, e.g. source MAC or IP addresses and +TCP/UDP ports, could easily be spoofed, so filtering on those fields +alone might not guarantee the desired results. .Bl -tag -width indent +.It Ar rule_number +Each rule is associated with a +.Ar rule_number +in the range 1..65535, with the latter reserved for the +.Em default +rule. +Rules are checked sequentially by rule number. +Multiple rules can have the same number, in which case they are +checked (and listed) according to the order in which they have +been added. +If a rule is entered without specifying a number, the kernel will +assign one in such a way that the rule becomes the last one +before the +.Em default +rule. +Automatic rule numbers are assigned by incrementing the last +non-default rule number by the value of the sysctl variable +.Ar net.inet.ip.fw.autoinc_step +which defaults to 100. +If this is not possible (e.g. because we would go beyond the +maximum allowed rule number), the number of the last +non-default value is used instead. +.It Cm set Ar set_number +Each rule is associated with a +.Ar set_number +in the range 0..31. +Sets can be individually disabled and enabled, so this parameter +is of fundamental importance for atomic ruleset manipulation. +It can be also used to simplify deletion of groups of rules. +If a rule is entered without specifying a set number, +set 0 will be used. +.br +Set 31 is special in that it cannot be disabled, +and rules in set 31 are not deleted by the +.Nm ipfw flush +command (but you can delete them with the +.Nm ipfw delete set 31 +command). +Set 31 is also used for the +.Em default +rule. .It Cm prob Ar match_probability A match is only declared with the specified probability (floating point number between 0 and 1). This can be useful for a number of applications such as -random packet drop. -.It Ar action : +random packet drop or +(in conjunction with +.Xr dummynet 4 ) +to simulate the effect of multiple paths leading to out-of-order +packet delivery. +.Pp +Note: this condition is checked before any other condition, including +ones such as keep-state or check-state which might have side effects. +.It Cm log Op Cm logamount Ar number +When a packet matches a rule with the +.Cm log +keyword, a message will be +logged to +.Xr syslogd 8 +with a +.Dv LOG_SECURITY +facility. +The logging only occurs if the sysctl variable +.Em net.inet.ip.fw.verbose +is set to 1 +(which is the default when the kernel is compiled with +.Dv IPFIREWALL_VERBOSE +) and the number of packets logged so far for that +particular rule does not exceed the +.Cm logamount +parameter. +If no +.Cm logamount +is specified, the limit is taken from the sysctl variable +.Em net.inet.ip.fw.verbose_limit . +In both cases, a value of 0 removes the logging limit. +.Pp +Once the limit is reached, logging can be re-enabled by +clearing the logging counter or the packet counter for that entry, see the +.Cm resetlog +command. +.Pp +Note: logging is done after all other packet matching conditions +have been successfully verified, and before performing the final +action (accept, deny, etc.) on the packet. +.El +.Ss RULE ACTIONS +A rule can be associated with one of the following actions, which +will be executed when the packet matches the body of the rule. .Bl -tag -width indent -.It Cm allow +.It Cm allow | accept | pass | permit Allow packets that match rule. The search terminates. -Aliases are -.Cm pass , -.Cm permit -and -.Cm accept . -.It Cm deny -Discard packets that match this rule. -The search terminates. -.Cm drop -is an alias for -.Cm deny . -.It Cm reject -(Deprecated). -Discard packets that match this rule, and try to send an ICMP -host unreachable notice. -The search terminates. -.It Cm unreach Ar code -Discard packets that match this rule, and try to send an ICMP -unreachable notice with code -.Ar code , -where -.Ar code -is a number from 0 to 255, or one of these aliases: -.Cm net , host , protocol , port , -.Cm needfrag , srcfail , net-unknown , host-unknown , -.Cm isolated , net-prohib , host-prohib , tosnet , -.Cm toshost , filter-prohib , host-precedence -or -.Cm precedence-cutoff . -The search terminates. -.It Cm reset -TCP packets only. -Discard packets that match this rule, and try to send a TCP -reset (RST) notice. -The search terminates. -.It Cm count -Update counters for all packets that match rule. -The search continues with the next rule. .It Cm check-state Checks the packet against the dynamic ruleset. -If a match is found then the search terminates, otherwise -we move to the next rule. +If a match is found, execute the action associated with +the rule which generated this dynamic rule, otherwise +move to the next rule. +.br +.Cm Check-state +rules do not have a body. If no .Cm check-state rule is found, the dynamic ruleset is checked at the first .Cm keep-state +or +.Cm limit rule. +.It Cm count +Update counters for all packets that match rule. +The search continues with the next rule. +.It Cm deny | drop +Discard packets that match this rule. +The search terminates. .It Cm divert Ar port Divert packets that match this rule to the .Xr divert 4 socket bound to port .Ar port . The search terminates. -.It Cm tee Ar port -Send a copy of packets matching this rule to the -.Xr divert 4 -socket bound to port -.Ar port . -The search terminates and the original packet is accepted -(but see section -.Sx BUGS -below). -.It Cm fwd Ar ipaddr Ns Xo -.Op , Ns Ar port -.Xc +.It Cm fwd | forward Ar ipaddr Ns Op , Ns Ar port Change the next-hop on matching packets to .Ar ipaddr , -which can be an IP address in dotted quad or a host name. +which can be an IP address in dotted quad format or a host name. +The search terminates if this rule matches. +.Pp If .Ar ipaddr -is not a directly-reachable address, the route as found in -the local routing table for that IP is used instead. +is a local address, then matching packets will be forwarded to +.Ar port +(or the port number in the packet if one is not specified in the rule) +on the local machine. +.br If .Ar ipaddr -is a local address, then on a packet entering the system -from a remote host it will be diverted to -.Ar port -on the local machine, keeping the local address of the socket -set to the original IP address the packet was destined for. -This is intended for use with transparent proxy servers. -If the IP is not a local address then the port number -(if specified) is ignored and the rule only applies to packets -leaving the system. -This will also map addresses to local ports when packets are -generated locally. -The search terminates if this rule matches. -If the port number is not given then the port number in the -packet is used, so that a packet for an external machine port -Y would be forwarded to local port Y. -The kernel must have been compiled with the -.Dv IPFIREWALL_FORWARD -option. +is not a local address, then the port number +(if specified) is ignored, and the packet will be +forwarded to the remote address, using the route as found in +the local routing table for that IP. +.br +A +.Ar fwd +rule will not match layer-2 packets (those received +on ether_input, ether_output, or bridged). +.br +The +.Cm fwd +action does not change the contents of the packet at all. +In particular, the destination address remains unmodified, so +packets forwarded to another system will usually be rejected by that system +unless there is a matching rule on that system to capture them. +For packets forwarded locally, +the local address of the socket will be +set to the original destination address of the packet. +This makes the +.Xr netstat 1 +entry look rather weird but is intended for +use with transparent proxy servers. +.It Cm pipe Ar pipe_nr +Pass packet to a +.Xr dummynet 4 +.Dq pipe +(for bandwidth limitation, delay, etc.). +See the +.Sx TRAFFIC SHAPER (DUMMYNET) CONFIGURATION +Section for further information. +The search terminates; however, on exit from the pipe and if +the +.Xr sysctl 8 +variable +.Em net.inet.ip.fw.one_pass +is not set, the packet is passed again to the firewall code +starting from the next rule. +.It Cm queue Ar queue_nr +Pass packet to a +.Xr dummynet 4 +.Dq queue +(for bandwidth limitation using WF2Q+). +.It Cm reject +(Deprecated). +Synonym for +.Cm unreach host . +.It Cm reset +Discard packets that match this rule, and if the +packet is a TCP packet, try to send a TCP reset (RST) notice. +The search terminates. .It Cm skipto Ar number Skip all subsequent rules numbered less than .Ar number . The search continues with the first rule numbered .Ar number or higher. +.It Cm tee Ar port +Send a copy of packets matching this rule to the +.Xr divert 4 +socket bound to port +.Ar port . +The search terminates and the original packet is accepted +(but see Section +.Sx BUGS +below). +.It Cm unreach Ar code +Discard packets that match this rule, and try to send an ICMP +unreachable notice with code +.Ar code , +where +.Ar code +is a number from 0 to 255, or one of these aliases: +.Cm net , host , protocol , port , +.Cm needfrag , srcfail , net-unknown , host-unknown , +.Cm isolated , net-prohib , host-prohib , tosnet , +.Cm toshost , filter-prohib , host-precedence +or +.Cm precedence-cutoff . +The search terminates. .El -.It Cm log Op Cm logamount Ar number -If the kernel was compiled with -.Dv IPFIREWALL_VERBOSE , -then when a packet matches a rule with the -.Cm log -keyword a message will be -logged to -.Xr syslogd 8 -with a -.Dv LOG_AUTHPRIV -facility. -.Em Note : -by default, they are appended to the -.Pa /var/log/system.log -file (see -.Xr syslog.conf 5 ) . -If the kernel was compiled with the -.Dv IPFIREWALL_VERBOSE_LIMIT -option, then by default logging will cease after the number -of packets specified by the option are received for that -particular chain entry, and -.Em net.inet.ip.fw.verbose_limit -will be set to that number. -However, if -.Cm logamount Ar number -is used, that -.Ar number -will be the logging limit rather than -.Em net.inet.ip.fw.verbose_limit , -where the value -.Dq 0 -removes the logging limit. -Logging may then be re-enabled by clearing the logging counter -or the packet counter for that entry. -.Pp -Console logging and the log limit are adjustable dynamically -through the -.Xr sysctl 8 -interface in the MIB base of -.Em net.inet.ip.fw . -.It Ar proto -An IP protocol specified by number or name (for a complete -list see +.Ss RULE BODY +The body of a rule contains zero or more patterns (such as +specific source and destination addresses or ports, +protocol options, incoming or outgoing interfaces, etc.) +that the packet must match in order to be recognised. +In general, the patterns are connected by (implicit) +.Cm and +operators -- i.e. all must match in order for the +rule to match. +Individual patterns can be prefixed by the +.Cm not +operator to reverse the result of the match, as in +.Pp +.Dl "ipfw add 100 allow ip from not 1.2.3.4 to any" +.Pp +Additionally, sets of alternative match patterns ( +.Em or-blocks +) can be constructed by putting the patterns in +lists enclosed between parentheses ( ) or braces { }, and +using the +.Cm or +operator as follows: +.Pp +.Dl "ipfw add 100 allow ip from { x or not y or z } to any" +.Pp +Only one level of parentheses is allowed. +Beware that most shells have special meanings for parentheses +or braces, so it is advisable to put a backslash \\ in front of them +to prevent such interpretations. +.Pp +The body of a rule must in general include a source and destination +address specifier. +The keyword +.Ar any +can be used in various places to specify that the content of +a required field is irrelevant. +.Pp +The rule body has the following format: +.Bd -ragged -offset indent +.Op Ar proto Cm from Ar src Cm to Ar dst +.Op Ar options +.Ed +.Pp +The first part (proto from src to dst) is for backward +compatibility with +.Nm ipfw1 . +In +.Nm ipfw2 +any match pattern (including MAC headers, IPv4 protocols, +addresses and ports) can be specified in the +.Ar options +section. +.Pp +Rule fields have the following meaning: +.Bl -tag -width indent +.It Ar proto : protocol | Cm { Ar protocol Cm or ... } +.It Ar protocol : Oo Cm not Oc Ar protocol-name | protocol-number +An IPv4 protocol specified by number or name +(for a complete list see .Pa /etc/protocols ) . The .Cm ip or .Cm all keywords mean any protocol will match. -.It Ar src No and Ar dst : -.Cm any | me | Op Cm not -.Aq Ar address Ns / Ns Ar mask -.Op Ar ports -.Pp -Specifying -.Cm any -makes the rule match any IP number. -.Pp -Specifying -.Cm me -makes the rule match any IP number configured on an interface in the system. -This is a computationally semi-expensive check which should be used with care. .Pp The -.Aq Ar address Ns / Ns Ar mask -may be specified as: -.Bl -tag -width "ipno/bits" -.It Ar ipno -An IP number of the form 1.2.3.4. -Only this exact IP number will match the rule. -.It Ar ipno Ns / Ns Ar bits -An IP number with a mask width of the form 1.2.3.4/24. -In this case all IP numbers from 1.2.3.0 to 1.2.3.255 will match. -.It Ar ipno Ns : Ns Ar mask -An IP number with a mask of the form 1.2.3.4:255.255.240.0. -In this case all IP numbers from 1.2.0.0 to 1.2.15.255 will match. -.El +.Cm { Ar protocol Cm or ... } +format (an +.Em or-block ) +is provided for convenience only but its use is deprecated. +.It Ar src No and Ar dst : Bro Cm addr | Cm { Ar addr Cm or ... } Brc Op Oo Cm not Oc Ar ports +An address (or a list, see below) +optionally followed by +.Ar ports +specifiers. .Pp -The sense of the match can be inverted by preceding an address with the +The second format ( +.Em or-block +with multiple addresses) is provided for convenience only and +its use is discouraged. +.It Ar addr : Oo Cm not Oc Brq Cm any | me | Ar addr-list | Ar addr-set +.It Cm any +matches any IP address. +.It Cm me +matches any IP address configured on an interface in the system. +The address list is evaluated at the time the packet is +analysed. +.It Ar addr-list : ip-addr Ns Op Ns , Ns Ar addr-list +.It Ar ip-addr : +A host or subnet address specified in one of the following ways: +.Bl -tag -width indent +.It Ar numeric-ip | hostname +Matches a single IPv4 address, specified as dotted-quad or a hostname. +Hostnames are resolved at the time the rule is added to the firewall list. +.It Ar addr Ns / Ns Ar masklen +Matches all addresses with base +.Ar addr +(specified as a dotted quad or a hostname) +and mask width of +.Cm masklen +bits. +As an example, 1.2.3.4/25 will match +all IP numbers from 1.2.3.0 to 1.2.3.127 . +.It Ar addr Ns : Ns Ar mask +Matches all addresses with base +.Ar addr +(specified as a dotted quad or a hostname) +and the mask of +.Ar mask , +specified as a dotted quad. +As an example, 1.2.3.4/255.0.255.0 will match +1.*.3.*. +We suggest to use this form only for non-contiguous +masks, and resort to the +.Ar addr Ns / Ns Ar masklen +format for contiguous masks, which is more compact and less +error-prone. +.El +.It Ar addr-set : addr Ns Oo Ns / Ns Ar masklen Oc Ns Cm { Ns Ar list Ns Cm } +.It Ar list : Bro Ar num | num-num Brc Ns Op Ns , Ns Ar list +Matches all addresses with base address +.Ar addr +(specified as a dotted quad or a hostname) +and whose last byte is in the list between braces { } . +Note that there must be no spaces between braces and +numbers (spaces after commas are allowed). +Elements of the list can be specified as single entries +or ranges. +The +.Ar masklen +field is used to limit the size of the set of addresses, +and can have any value between 24 and 32. If not specified, +it will be assumed as 24. +.br +This format is particularly useful to handle sparse address sets +within a single rule. Because the matching occurs using a +bitmask, it takes constant time and dramatically reduces +the complexity of rulesets. +.br +As an example, an address specified as 1.2.3.4/24{128,35-55,89} +will match the following IP addresses: +.br +1.2.3.128, 1.2.3.35 to 1.2.3.55, 1.2.3.89 . +.It Ar ports : Bro Ar port | port Ns \&- Ns Ar port Ns Brc Ns Op , Ns Ar ports +For protocols which support port numbers (such as TCP and UDP), optional +.Cm ports +may be specified as one or more ports or port ranges, separated +by commas but no spaces, and an optional .Cm not -modifier, causing all other addresses to be matched instead. -This does not affect the selection of port numbers. -.Pp -With the TCP and UDP protocols, optional -.Em ports -may be specified as: -.Bd -ragged -offset indent -.Sm off -.Eo \&{ -.Ar port | -.Ar port No \&- Ar port | -.Ar port : mask -.Ec \&} Op , Ar port Op , Ar ... -.Sm on -.Ed -.Pp +operator. The .Ql \&- notation specifies a range of ports (including boundaries). .Pp -The -.Ql \&: -notation specifies a port and a mask, a match is declared if -the port number in the packet matches the one in the rule, -limited to the bits which are set in the mask. -.Pp Service names (from .Pa /etc/services ) may be used instead of numeric port values. -A range may only be specified as the first value, and the -length of the port list is limited to -.Dv IP_FW_MAX_PORTS -ports (as defined in -.Pa /usr/src/sys/netinet/ip_fw.h ) . +The length of the port list is limited to 30 ports or ranges, +though one can specify larger ranges by using an +.Em or-block +in the +.Cm options +section of the rule. +.Pp A backslash .Pq Ql \e can be used to escape the dash .Pq Ql - -character in a service name: +character in a service name (from a shell, the backslash must be +typed twice to avoid the shell itself interpreting it as an escape +character). .Pp .Dl "ipfw add count tcp from any ftp\e\e-data-ftp to any" .Pp @@ -486,104 +854,112 @@ specifications. See the .Cm frag option for details on matching fragmented packets. -.It Ar interface-spec -Some combinations of the following specifiers are allowed: -.Bl -tag -width "via ipno" -.It Cm in -Only match incoming packets. -.It Cm out -Only match outgoing packets. -.It Cm via Ar ifX -Packet must be going through interface -.Ar ifX . -.It Cm via Ar if Ns Cm * -Packet must be going through interface -.Ar ifX , -where -.Ar X -is any unit number. -.It Cm via any -Packet must be going through -.Em some -interface. -.It Cm via Ar ipno -Packet must be going through the interface having IP address -.Ar ipno . .El +.Ss RULE OPTIONS (MATCH PATTERNS) +Additional match patterns can be used within +rules. Zero or more of these so-called +.Em options +can be present in a rule, optionally prefixed by the +.Cm not +operand, and possibly grouped into +.Em or-blocks . .Pp -The -.Cm via -keyword causes the interface to always be checked. -If -.Cm recv -or -.Cm xmit -is used instead of -.Cm via , -then the only receive or transmit interface (respectively) -is checked. -By specifying both, it is possible to match packets based on -both receive and transmit interface, e.g.: -.Pp -.Dl "ipfw add 100 deny ip from any to any out recv ed0 xmit ed1" -.Pp -The -.Cm recv -interface can be tested on either incoming or outgoing packets, -while the -.Cm xmit -interface can only be tested on outgoing packets. -So -.Cm out -is required (and -.Cm in -is invalid) whenever -.Cm xmit -is used. -Specifying -.Cm via -together with -.Cm xmit -or -.Cm recv -is invalid. -.Pp -A packet may not have a receive or transmit interface: packets -originating from the local host have no receive interface, -while packets destined for the local host have no transmit -interface. -.It Ar options : +The following match patterns can be used (listed in alphabetical order): .Bl -tag -width indent -.It Cm keep-state Op Ar method -Upon a match, the firewall will create a dynamic rule, whose -default behaviour is to matching bidirectional traffic between -source and destination IP/port using the same protocol. -The rule has a limited lifetime (controlled by a set of -.Xr sysctl 8 -variables), and the lifetime is refreshed every time a matching -packet is found. -.Pp -The actual behaviour can be modified by specifying a different -.Ar method , -although at the moment only the default one is specified. +.It Cm // this is a comment. +Inserts the specified text as a comment in the rule. +Everything following // is considered as a comment and stored in the rule. +You can have comment-only rules, which are listed as having a +.Cm count +action followed by the comment. .It Cm bridged Matches only bridged packets. -This can be useful for multicast or broadcast traffic, which -would otherwise pass through the firewall twice: once during -bridging, and a second time when the packet is delivered to -the local stack. +.It Cm dst-ip Ar ip-address +Matches IP packets whose destination IP is one of the address(es) +specified as argument. +.It Cm dst-port Ar ports +Matches IP packets whose destination port is one of the port(s) +specified as argument. +.It Cm established +Matches TCP packets that have the RST or ACK bits set. .It Cm frag -Match if the packet is a fragment and this is not the first -fragment of the datagram. -.Cm frag -may not be used in conjunction with either -.Cm tcpflags -or TCP/UDP port specifications. -.It Cm ipoptions Ar spec -Match if the IP header contains the comma separated list of -options specified in -.Ar spec . -The supported IP options are: +Matches packets that are fragments and not the first +fragment of an IP datagram. Note that these packets will not have +the next protocol header (e.g. TCP, UDP) so options that look into +these headers cannot match. +.It Cm gid Ar group +Matches all TCP or UDP packets sent by or received for a +.Ar group . +A +.Ar group +may be specified by name or number. +.It Cm icmptypes Ar types +Matches ICMP packets whose ICMP type is in the list +.Ar types . +The list may be specified as any combination of +individual types (numeric) separated by commas. +.Em Ranges are not allowed. +The supported ICMP types are: +.Pp +echo reply +.Pq Cm 0 , +destination unreachable +.Pq Cm 3 , +source quench +.Pq Cm 4 , +redirect +.Pq Cm 5 , +echo request +.Pq Cm 8 , +router advertisement +.Pq Cm 9 , +router solicitation +.Pq Cm 10 , +time-to-live exceeded +.Pq Cm 11 , +IP header bad +.Pq Cm 12 , +timestamp request +.Pq Cm 13 , +timestamp reply +.Pq Cm 14 , +information request +.Pq Cm 15 , +information reply +.Pq Cm 16 , +address mask request +.Pq Cm 17 +and address mask reply +.Pq Cm 18 . +.It Cm in | out +Matches incoming or outgoing packets, respectively. +.Cm in +and +.Cm out +are mutually exclusive (in fact, +.Cm out +is implemented as +.Cm not in Ns No ). +.It Cm ipid Ar id-list +Matches IP packets whose +.Cm ip_id +field has value included in +.Ar id-list , +which is either a single value or a list of values or ranges +specified in the same way as +.Ar ports . +.It Cm iplen Ar len-list +Matches IP packets whose total length, including header and data, is +in the set +.Ar len-list , +which is either a single value or a list of values or ranges +specified in the same way as +.Ar ports . +.It Cm ipoptions Ar spec +Matches packets whose IP header contains the comma separated list of +options specified in +.Ar spec . +The supported IP options are: .Pp .Cm ssrr (strict source route), @@ -596,31 +972,160 @@ The supported IP options are: The absence of a particular option may be denoted with a .Ql \&! . -.It Cm tcpoptions Ar spec -Match if the TCP header contains the comma separated list of -options specified in +.It Cm ipprecedence Ar precedence +Matches IP packets whose precedence field is equal to +.Ar precedence . +.It Cm ipsec +Matches packets that have IPSEC history associated with them +(i.e. the packet comes encapsulated in IPSEC, the kernel +has IPSEC support and IPSEC_FILTERGIF option, and can correctly +decapsulate it). +.Pp +Note that specifying +.Cm ipsec +is different from specifying +.Cm proto Ar ipsec +as the latter will only look at the specific IP protocol field, +irrespective of IPSEC kernel support and the validity of the IPSEC data. +.It Cm iptos Ar spec +Matches IP packets whose +.Cm tos +field contains the comma separated list of +service types specified in .Ar spec . -The supported TCP options are: +The supported IP types of service are: .Pp -.Cm mss -(maximum segment size), -.Cm window -(tcp window advertisement), -.Cm sack -(selective ack), -.Cm ts -(rfc1323 timestamp) and -.Cm cc -(rfc1644 t/tcp connection count). -The absence of a particular option may be denoted +.Cm lowdelay +.Pq Dv IPTOS_LOWDELAY , +.Cm throughput +.Pq Dv IPTOS_THROUGHPUT , +.Cm reliability +.Pq Dv IPTOS_RELIABILITY , +.Cm mincost +.Pq Dv IPTOS_MINCOST , +.Cm congestion +.Pq Dv IPTOS_CE . +The absence of a particular type may be denoted with a .Ql \&! . -.It Cm established -TCP packets only. -Match packets that have the RST or ACK bits set. +.It Cm ipttl Ar ttl-list +Matches IP packets whose time to live is included in +.Ar ttl-list , +which is either a single value or a list of values or ranges +specified in the same way as +.Ar ports . +.It Cm ipversion Ar ver +Matches IP packets whose IP version field is +.Ar ver . +.It Cm keep-state +Upon a match, the firewall will create a dynamic rule, whose +default behaviour is to match bidirectional traffic between +source and destination IP/port using the same protocol. +The rule has a limited lifetime (controlled by a set of +.Xr sysctl 8 +variables), and the lifetime is refreshed every time a matching +packet is found. +.It Cm layer2 +Matches only layer2 packets, i.e. those passed to +.Nm +from ether_demux() and ether_output_frame(). +.It Cm limit Bro Cm src-addr | src-port | dst-addr | dst-port Brc Ar N +The firewall will only allow +.Ar N +connections with the same +set of parameters as specified in the rule. +One or more +of source and destination addresses and ports can be +specified. +.It Cm { MAC | mac } Ar dst-mac src-mac +Match packets with a given +.Ar dst-mac +and +.Ar src-mac +addresses, specified as the +.Cm any +keyword (matching any MAC address), or six groups of hex digits +separated by colons, +and optionally followed by a mask indicating how many bits are +significant, as in +.Pp +.Dl "MAC 10:20:30:40:50:60/33 any" +.Pp +Note that the order of MAC addresses (destination first, +source second) is +the same as on the wire, but the opposite of the one used for +IP addresses. +.It Cm mac-type Ar mac-type +Matches packets whose Ethernet Type field +corresponds to one of those specified as argument. +.Ar mac-type +is specified in the same way as +.Cm port numbers +(i.e. one or more comma-separated single values or ranges). +You can use symbolic names for known values such as +.Em vlan , ipv4, ipv6 . +Values can be entered as decimal or hexadecimal (if prefixed by 0x), +and they are always printed as hexadecimal (unless the +.Cm -N +option is used, in which case symbolic resolution will be attempted). +.It Cm proto Ar protocol +Matches packets with the corresponding IPv4 protocol. +.It Cm recv | xmit | via Brq Ar ifX | Ar if Ns Cm * | Ar ipno | Ar any +Matches packets received, transmitted or going through, +respectively, the interface specified by exact name +.Ns No ( Ar ifX Ns No ), +by device name +.Ns No ( Ar if Ns Ar * Ns No ), +by IP address, or through some interface. +.Pp +The +.Cm via +keyword causes the interface to always be checked. +If +.Cm recv +or +.Cm xmit +is used instead of +.Cm via , +then only the receive or transmit interface (respectively) +is checked. +By specifying both, it is possible to match packets based on +both receive and transmit interface, e.g.: +.Pp +.Dl "ipfw add deny ip from any to any out recv ed0 xmit ed1" +.Pp +The +.Cm recv +interface can be tested on either incoming or outgoing packets, +while the +.Cm xmit +interface can only be tested on outgoing packets. +So +.Cm out +is required (and +.Cm in +is invalid) whenever +.Cm xmit +is used. +.Pp +A packet may not have a receive or transmit interface: packets +originating from the local host have no receive interface, +while packets destined for the local host have no transmit +interface. .It Cm setup +Matches TCP packets that have the SYN bit set but no ACK bit. +This is the short form of +.Dq Li tcpflags\ syn,!ack . +.It Cm src-ip Ar ip-address +Matches IP packets whose source IP is one of the address(es) +specified as argument. +.It Cm src-port Ar ports +Matches IP packets whose source port is one of the port(s) +specified as argument. +.It Cm tcpack Ar ack TCP packets only. -Match packets that have the SYN bit set but no ACK bit. +Match if the TCP header acknowledgment number field is set to +.Ar ack . .It Cm tcpflags Ar spec TCP packets only. Match if the TCP header contains the comma separated list of @@ -645,50 +1150,397 @@ a non-zero offset. See the .Cm frag option for details on matching fragmented packets. -.It Cm icmptypes Ar types -ICMP packets only. -Match if the ICMP type is in the list -.Ar types . -The list may be specified as any combination of ranges or -individual types separated by commas. -The supported ICMP types are: +.It Cm tcpseq Ar seq +TCP packets only. +Match if the TCP header sequence number field is set to +.Ar seq . +.It Cm tcpwin Ar win +TCP packets only. +Match if the TCP header window field is set to +.Ar win . +.It Cm tcpoptions Ar spec +TCP packets only. +Match if the TCP header contains the comma separated list of +options specified in +.Ar spec . +The supported TCP options are: .Pp -echo reply -.Pq Cm 0 , -destination unreachable -.Pq Cm 3 , -source quench -.Pq Cm 4 , -redirect -.Pq Cm 5 , -echo request -.Pq Cm 8 , -router advertisement -.Pq Cm 9 , -router solicitation -.Pq Cm 10 , -time-to-live exceeded -.Pq Cm 11 , -IP header bad -.Pq Cm 12 , -timestamp request -.Pq Cm 13 , -timestamp reply -.Pq Cm 14 , -information request -.Pq Cm 15 , -information reply -.Pq Cm 16 , -address mask request -.Pq Cm 17 -and address mask reply -.Pq Cm 18 . +.Cm mss +(maximum segment size), +.Cm window +(tcp window advertisement), +.Cm sack +(selective ack), +.Cm ts +(rfc1323 timestamp) and +.Cm cc +(rfc1644 t/tcp connection count). +The absence of a particular option may be denoted +with a +.Ql \&! . .It Cm uid Ar user Match all TCP or UDP packets sent by or received for a .Ar user . A .Ar user may be matched by name or identification number. +.It Cm verrevpath +For incoming packets, +a routing table lookup is done on the packet's source address. +If the interface on which the packet entered the system matches the +outgoing interface for the route, +the packet matches. +If the interfaces do not match up, +the packet does not match. +All outgoing packets or packets with no incoming interface match. +.Pp +The name and functionality of the option is intentionally similar to +the Cisco IOS command: +.Pp +.Dl ip verify unicast reverse-path +.Pp +This option can be used to make anti-spoofing rules. +.El +.Sh SETS OF RULES +Each rule belongs to one of 32 different +.Em sets +, numbered 0 to 31. +Set 31 is reserved for the default rule. +.Pp +By default, rules are put in set 0, unless you use the +.Cm set N +attribute when entering a new rule. +Sets can be individually and atomically enabled or disabled, +so this mechanism permits an easy way to store multiple configurations +of the firewall and quickly (and atomically) switch between them. +The command to enable/disable sets is +.Bd -ragged -offset indent +.Nm +.Cm set Oo Cm disable Ar number ... Oc Op Cm enable Ar number ... +.Ed +.Pp +where multiple +.Cm enable +or +.Cm disable +sections can be specified. +Command execution is atomic on all the sets specified in the command. +By default, all sets are enabled. +.Pp +When you disable a set, its rules behave as if they do not exist +in the firewall configuration, with only one exception: +.Bd -ragged -offset indent +dynamic rules created from a rule before it had been disabled +will still be active until they expire. In order to delete +dynamic rules you have to explicitly delete the parent rule +which generated them. +.Ed +.Pp +The set number of rules can be changed with the command +.Bd -ragged -offset indent +.Nm +.Cm set move +.Brq Cm rule Ar rule-number | old-set +.Cm to Ar new-set +.Ed +.Pp +Also, you can atomically swap two rulesets with the command +.Bd -ragged -offset indent +.Nm +.Cm set swap Ar first-set second-set +.Ed +.Pp +See the +.Sx EXAMPLES +Section on some possible uses of sets of rules. +.Sh STATEFUL FIREWALL +Stateful operation is a way for the firewall to dynamically +create rules for specific flows when packets that +match a given pattern are detected. Support for stateful +operation comes through the +.Cm check-state , keep-state +and +.Cm limit +options of +.Nm rules. +.Pp +Dynamic rules are created when a packet matches a +.Cm keep-state +or +.Cm limit +rule, causing the creation of a +.Em dynamic +rule which will match all and only packets with +a given +.Em protocol +between a +.Em src-ip/src-port dst-ip/dst-port +pair of addresses ( +.Em src +and +.Em dst +are used here only to denote the initial match addresses, but they +are completely equivalent afterwards). +Dynamic rules will be checked at the first +.Cm check-state, keep-state +or +.Cm limit +occurrence, and the action performed upon a match will be the same +as in the parent rule. +.Pp +Note that no additional attributes other than protocol and IP addresses +and ports are checked on dynamic rules. +.Pp +The typical use of dynamic rules is to keep a closed firewall configuration, +but let the first TCP SYN packet from the inside network install a +dynamic rule for the flow so that packets belonging to that session +will be allowed through the firewall: +.Pp +.Dl "ipfw add check-state" +.Dl "ipfw add allow tcp from my-subnet to any setup keep-state" +.Dl "ipfw add deny tcp from any to any" +.Pp +A similar approach can be used for UDP, where an UDP packet coming +from the inside will install a dynamic rule to let the response through +the firewall: +.Pp +.Dl "ipfw add check-state" +.Dl "ipfw add allow udp from my-subnet to any keep-state" +.Dl "ipfw add deny udp from any to any" +.Pp +Dynamic rules expire after some time, which depends on the status +of the flow and the setting of some +.Cm sysctl +variables. +See Section +.Sx SYSCTL VARIABLES +for more details. +For TCP sessions, dynamic rules can be instructed to periodically +send keepalive packets to refresh the state of the rule when it is +about to expire. +.Pp +See Section +.Sx EXAMPLES +for more examples on how to use dynamic rules. +.Sh TRAFFIC SHAPER (DUMMYNET) CONFIGURATION +.Nm +is also the user interface for the +.Xr dummynet 4 +traffic shaper. +.Pp +.Nm dummynet +operates by first using the firewall to classify packets and divide them into +.Em flows , +using any match pattern that can be used in +.Nm +rules. +Depending on local policies, a flow can contain packets for a single +TCP connection, or from/to a given host, or entire subnet, or a +protocol type, etc. +.Pp +Packets belonging to the same flow are then passed to either of two +different objects, which implement the traffic regulation: +.Bl -hang -offset XXXX +.It Em pipe +A pipe emulates a link with given bandwidth, propagation delay, +queue size and packet loss rate. +Packets are queued in front of the pipe as they come out from the classifier, +and then transferred to the pipe according to the pipe's parameters. +.Pp +.It Em queue +A queue +is an abstraction used to implement the WF2Q+ +(Worst-case Fair Weighted Fair Queueing) policy, which is +an efficient variant of the WFQ policy. +.br +The queue associates a +.Em weight +and a reference pipe to each flow, and then all backlogged (i.e., +with packets queued) flows linked to the same pipe share the pipe's +bandwidth proportionally to their weights. +Note that weights are not priorities; a flow with a lower weight +is still guaranteed to get its fraction of the bandwidth even if a +flow with a higher weight is permanently backlogged. +.Pp +.El +In practice, +.Em pipes +can be used to set hard limits to the bandwidth that a flow can use, whereas +.Em queues +can be used to determine how different flow share the available bandwidth. +.Pp +The +.Em pipe +and +.Em queue +configuration commands are the following: +.Bd -ragged -offset indent +.Cm pipe Ar number Cm config Ar pipe-configuration +.Pp +.Cm queue Ar number Cm config Ar queue-configuration +.Ed +.Pp +The following parameters can be configured for a pipe: +.Pp +.Bl -tag -width indent -compact +.It Cm bw Ar bandwidth | device +Bandwidth, measured in +.Sm off +.Op Cm K | M +.Brq Cm bit/s | Byte/s . +.Sm on +.Pp +A value of 0 (default) means unlimited bandwidth. +The unit must immediately follow the number, as in +.Pp +.Dl "ipfw pipe 1 config bw 300Kbit/s" +.Pp +If a device name is specified instead of a numeric value, as in +.Pp +.Dl "ipfw pipe 1 config bw tun0" +.Pp +then the transmit clock is supplied by the specified device. +At the moment only the +.Xr tun 4 +device supports this +functionality, for use in conjunction with +.Xr ppp 8 . +.Pp +.It Cm delay Ar ms-delay +Propagation delay, measured in milliseconds. +The value is rounded to the next multiple of the clock tick +(typically 10ms, but it is a good practice to run kernels +with +.Dq "options HZ=1000" +to reduce +the granularity to 1ms or less). +Default value is 0, meaning no delay. +.El +.Pp +The following parameters can be configured for a queue: +.Pp +.Bl -tag -width indent -compact +.It Cm pipe Ar pipe_nr +Connects a queue to the specified pipe. +Multiple queues (with the same or different weights) can be connected to +the same pipe, which specifies the aggregate rate for the set of queues. +.Pp +.It Cm weight Ar weight +Specifies the weight to be used for flows matching this queue. +The weight must be in the range 1..100, and defaults to 1. +.El +.Pp +Finally, the following parameters can be configured for both +pipes and queues: +.Pp +.Bl -tag -width XXXX -compact +.Pp +.It Cm buckets Ar hash-table-size +Specifies the size of the hash table used for storing the +various queues. +Default value is 64 controlled by the +.Xr sysctl 8 +variable +.Em net.inet.ip.dummynet.hash_size , +allowed range is 16 to 65536. +.Pp +.It Cm mask Ar mask-specifier +Packets sent to a given pipe or queue by an +.Nm +rule can be further classified into multiple flows, each of which is then +sent to a different +.Em dynamic +pipe or queue. +A flow identifier is constructed by masking the IP addresses, +ports and protocol types as specified with the +.Cm mask +options in the configuration of the pipe or queue. +For each different flow identifier, a new pipe or queue is created +with the same parameters as the original object, and matching packets +are sent to it. +.Pp +Thus, when +.Em dynamic pipes +are used, each flow will get the same bandwidth as defined by the pipe, +whereas when +.Em dynamic queues +are used, each flow will share the parent's pipe bandwidth evenly +with other flows generated by the same queue (note that other queues +with different weights might be connected to the same pipe). +.br +Available mask specifiers are a combination of one or more of the following: +.Pp +.Cm dst-ip Ar mask , +.Cm src-ip Ar mask , +.Cm dst-port Ar mask , +.Cm src-port Ar mask , +.Cm proto Ar mask +or +.Cm all , +.Pp +where the latter means all bits in all fields are significant. +.Pp +.It Cm noerror +When a packet is dropped by a dummynet queue or pipe, the error +is normally reported to the caller routine in the kernel, in the +same way as it happens when a device queue fills up. Setting this +option reports the packet as successfully delivered, which can be +needed for some experimental setups where you want to simulate +loss or congestion at a remote router. +.Pp +.It Cm plr Ar packet-loss-rate +Packet loss rate. +Argument +.Ar packet-loss-rate +is a floating-point number between 0 and 1, with 0 meaning no +loss, 1 meaning 100% loss. +The loss rate is internally represented on 31 bits. +.Pp +.It Cm queue Brq Ar slots | size Ns Cm Kbytes +Queue size, in +.Ar slots +or +.Cm KBytes . +Default value is 50 slots, which +is the typical queue size for Ethernet devices. +Note that for slow speed links you should keep the queue +size short or your traffic might be affected by a significant +queueing delay. +E.g., 50 max-sized ethernet packets (1500 bytes) mean 600Kbit +or 20s of queue on a 30Kbit/s pipe. +Even worse effect can result if you get packets from an +interface with a much larger MTU, e.g. the loopback interface +with its 16KB packets. +.Pp +.It Cm red | gred Ar w_q Ns / Ns Ar min_th Ns / Ns Ar max_th Ns / Ns Ar max_p +Make use of the RED (Random Early Detection) queue management algorithm. +.Ar w_q +and +.Ar max_p +are floating +point numbers between 0 and 1 (0 not included), while +.Ar min_th +and +.Ar max_th +are integer numbers specifying thresholds for queue management +(thresholds are computed in bytes if the queue has been defined +in bytes, in slots otherwise). +The +.Xr dummynet 4 +also supports the gentle RED variant (gred). +Three +.Xr sysctl 8 +variables can be used to control the RED behaviour: +.Bl -tag -width indent +.It Em net.inet.ip.dummynet.red_lookup_depth +specifies the accuracy in computing the average queue +when the link is idle (defaults to 256, must be greater than zero) +.It Em net.inet.ip.dummynet.red_avg_pkt_size +specifies the expected average packet size (defaults to 512, must be +greater than zero) +.It Em net.inet.ip.dummynet.red_max_pkt_size +specifies the expected maximum packet size, only used when queue +thresholds are in bytes (defaults to 1500, must be greater than zero). .El .El .Sh CHECKLIST @@ -705,21 +1557,51 @@ Most connections need packets going in both directions. Remember to test very carefully. It is a good idea to be near the console when doing this. If you cannot be near the console, -use an auto-recovery script. +use an auto-recovery script such as the one in +.Pa /usr/share/examples/ipfw/change_rules.sh . .It Don't forget the loopback interface. .El .Sh FINE POINTS .Bl -bullet .It -There is one kind of packet that the firewall will always -discard, that is a TCP packet's fragment with a fragment offset of -one. +There are circumstances where fragmented datagrams are unconditionally +dropped. +TCP packets are dropped if they do not contain at least 20 bytes of +TCP header, UDP packets are dropped if they do not contain a full 8 +byte UDP header, and ICMP packets are dropped if they do not contain +4 bytes of ICMP header, enough to specify the ICMP type, code, and +checksum. +These packets are simply logged as +.Dq pullup failed +since there may not be enough good data in the packet to produce a +meaningful log entry. +.It +Another type of packet is unconditionally dropped, a TCP packet with a +fragment offset of one. This is a valid packet, but it only has one use, to try to circumvent firewalls. When logging is enabled, these packets are reported as being dropped by rule -1. .It +If you are logged in over a network, loading the +.Xr kld 4 +version of +.Nm +is probably not as straightforward as you would think. +I recommend the following command line: +.Bd -literal -offset indent +kldload ipfw && \e +ipfw add 32000 allow ip from any to any +.Ed +.Pp +Along the same lines, doing an +.Bd -literal -offset indent +ipfw flush +.Ed +.Pp +in similar surroundings is also a bad idea. +.It The .Nm filter list may not be modified if the system security level @@ -739,49 +1621,252 @@ dropped. .Sh SYSCTL VARIABLES A set of .Xr sysctl 8 -variables controls the behaviour of the firewall. -These are shown below together with their default value and -meaning: +variables controls the behaviour of the firewall and +associated modules ( +.Nm dummynet, bridge +). +These are shown below together with their default value +(but always check with the +.Xr sysctl 8 +command what value is actually in use) and meaning: .Bl -tag -width indent +.It Em net.inet.ip.dummynet.expire : No 1 +Lazily delete dynamic pipes/queue once they have no pending traffic. +You can disable this by setting the variable to 0, in which case +the pipes/queues will only be deleted when the threshold is reached. +.It Em net.inet.ip.dummynet.hash_size : No 64 +Default size of the hash table used for dynamic pipes/queues. +This value is used when no +.Cm buckets +option is specified when configuring a pipe/queue. +.It Em net.inet.ip.dummynet.max_chain_len : No 16 +Target value for the maximum number of pipes/queues in a hash bucket. +The product +.Cm max_chain_len*hash_size +is used to determine the threshold over which empty pipes/queues +will be expired even when +.Cm net.inet.ip.dummynet.expire=0 . +.It Em net.inet.ip.dummynet.red_lookup_depth : No 256 +.It Em net.inet.ip.dummynet.red_avg_pkt_size : No 512 +.It Em net.inet.ip.dummynet.red_max_pkt_size : No 1500 +Parameters used in the computations of the drop probability +for the RED algorithm. +.It Em net.inet.ip.fw.autoinc_step : No 100 +Delta between rule numbers when auto-generating them. +The value must be in the range 1..1000. +This variable is only present in +.Nm ipfw2 , +the delta is hardwired to 100 in +.Nm ipfw1 . +.It Em net.inet.ip.fw.curr_dyn_buckets : Em net.inet.ip.fw.dyn_buckets +The current number of buckets in the hash table for dynamic rules +(readonly). .It Em net.inet.ip.fw.debug : No 1 Controls debugging messages produced by .Nm . -.It Em net.inet.ip.fw.verbose : No 1 -Enables verbose messages. -.It Em net.inet.ip.fw.enable : No 1 -Enables the firewall. -Setting this variable to 0 lets you run your machine without -firewall even if compiled in. -.It Em net.inet.ip.fw.verbose_limit : No 0 -Limits the number of messages produced by a verbose firewall. .It Em net.inet.ip.fw.dyn_buckets : No 256 -.It Em net.inet.ip.fw.curr_dyn_buckets : No 256 -The configured and current size of the hash table used to -hold dynamic rules. -This must be a power of 2. -The table can only be resized when empty, so in order to -resize it on the fly you will probably have to +The number of buckets in the hash table for dynamic rules. +Must be a power of 2, up to 65536. +It only takes effect when all dynamic rules have expired, so you +are advised to use a .Cm flush -and reload the ruleset. +command to make sure that the hash table is resized. .It Em net.inet.ip.fw.dyn_count : No 3 Current number of dynamic rules (read-only). -.It Em net.inet.ip.fw.dyn_max : No 1000 +.It Em net.inet.ip.fw.dyn_keepalive : No 1 +Enables generation of keepalive packets for +.Cm keep-state +rules on TCP sessions. A keepalive is generated to both +sides of the connection every 5 seconds for the last 20 +seconds of the lifetime of the rule. +.It Em net.inet.ip.fw.dyn_max : No 8192 Maximum number of dynamic rules. When you hit this limit, no more dynamic rules can be installed until old ones expire. .It Em net.inet.ip.fw.dyn_ack_lifetime : No 300 .It Em net.inet.ip.fw.dyn_syn_lifetime : No 20 -.It Em net.inet.ip.fw.dyn_fin_lifetime : No 20 -.It Em net.inet.ip.fw.dyn_rst_lifetime : No 5 +.It Em net.inet.ip.fw.dyn_fin_lifetime : No 1 +.It Em net.inet.ip.fw.dyn_rst_lifetime : No 1 +.It Em net.inet.ip.fw.dyn_udp_lifetime : No 5 .It Em net.inet.ip.fw.dyn_short_lifetime : No 30 These variables control the lifetime, in seconds, of dynamic rules. Upon the initial SYN exchange the lifetime is kept short, then increased after both SYN have been seen, then decreased -again during the final FIN exchange or when a RST +again during the final FIN exchange or when a RST is received. +Both +.Em dyn_fin_lifetime +and +.Em dyn_rst_lifetime +must be strictly lower than 5 seconds, the period of +repetition of keepalives. The firewall enforces that. +.It Em net.inet.ip.fw.enable : No 1 +Enables the firewall. +Setting this variable to 0 lets you run your machine without +firewall even if compiled in. +.It Em net.inet.ip.fw.one_pass : No 1 +When set, the packet exiting from the +.Xr dummynet 4 +pipe is not passed though the firewall again. +Otherwise, after a pipe action, the packet is +reinjected into the firewall at the next rule. +.It Em net.inet.ip.fw.verbose : No 1 +Enables verbose messages. +.It Em net.inet.ip.fw.verbose_limit : No 0 +Limits the number of messages produced by a verbose firewall. +.It Em net.link.ether.ipfw : No 0 +Controls whether layer-2 packets are passed to +.Nm . +Default is no. +.It Em net.link.ether.bridge_ipfw : No 0 +Controls whether bridged packets are passed to +.Nm . +Default is no. +.El +.Sh USING IPFW2 IN FreeBSD-STABLE +.Nm ipfw2 +is standard in +.Fx +CURRENT, whereas +.Fx +STABLE still uses +.Nm ipfw1 +unless the kernel is compiled with +.Cm options IPFW2 , +and +.Nm /sbin/ipfw +and +.Nm /usr/lib/libalias +are recompiled with +.Cm -DIPFW2 +and reinstalled (the same effect can be achieved by adding +.Cm IPFW2=TRUE +to +.Nm /etc/make.conf +before a buildworld). +.Pp +.Sh IPFW2 ENHANCEMENTS +This Section lists the features that have been introduced in +.Nm ipfw2 +which were not present in +.Nm ipfw1 . +We list them in order of the potential impact that they can +have in writing your rulesets. +You might want to consider using these features in order to +write your rulesets in a more efficient way. +.Bl -tag -width indent +.It Syntax and flags +.Nm ipfw1 +does not support the -n flag (only test syntax), +nor it allows spaces after commas or supports all +rule fields in a single argument. +.It Handling of non-IPv4 packets +.Nm ipfw1 +will silently accept all non-IPv4 packets (which +.Nm ipfw1 +will only see when +.Em net.link.ether.bridge_ipfw=1 Ns +). +.Nm ipfw2 +will filter all packets (including non-IPv4 ones) according to the ruleset. +To achieve the same behaviour as +.Nm ipfw1 +you can use the following as the very first rule in your ruleset: +.Pp +.Dl "ipfw add 1 allow layer2 not mac-type ip" +.Pp +The +.Cm layer2 +option might seem redundant, but it is necessary -- packets +passed to the firewall from layer3 will not have a MAC header, +so the +.Cm mac-type ip +pattern will always fail on them, and the +.Cm not +operator will make this rule into a pass-all. +.It Addresses +.Nm ipfw1 +does not supports address sets or lists of addresses. +.Pp +.It Port specifications +.Nm ipfw1 +only allows one port range when specifying TCP and UDP ports, and +is limited to 10 entries instead of the 15 allowed by +.Nm ipfw2 . +Also, in +.Nm ipfw1 +you can only specify ports when the rule is requesting +.Cm tcp +or +.Cm udp +packets. With +.Nm ipfw2 +you can put port specifications in rules matching all packets, +and the match will be attempted only on those packets carrying +protocols which include port identifiers. +.Pp +Finally, +.Nm ipfw1 +allowed the first port entry to be specified as +.Ar port:mask +where +.Ar mask +can be an arbitrary 16-bit mask. +This syntax is of questionable usefulness and it is not +supported anymore in +.Nm ipfw2 . +.It Or-blocks +.Nm ipfw1 +does not support Or-blocks. +.It keepalives +.Nm ipfw1 +does not generate keepalives for stateful sessions. +As a consequence, it might cause idle sessions to drop because +the lifetime of the dynamic rules expires. +.It Sets of rules +.Nm ipfw1 +does not implement sets of rules. +.It MAC header filtering and Layer-2 firewalling. +.Nm ipfw1 +does not implement filtering on MAC header fields, nor is it +invoked on packets from +.Cm ether_demux() +and +.Cm ether_output_frame(). +The sysctl variable +.Em net.link.ether.ipfw +has no effect there. +.It Options +In +.Nm ipfw1 , +the following options only accept a single value as an argument: +.Pp +.Cm ipid, iplen, ipttl +.Pp +The following options are not implemented by +.Nm ipfw1 : +.Pp +.Cm dst-ip, dst-port, layer2, mac, mac-type, src-ip, src-port. +.Pp +Additionally, the RELENG_4 version of +.Nm ipfw1 +does not implement the following options: +.Pp +.Cm ipid, iplen, ipprecedence, iptos, ipttl, +.Cm ipversion, tcpack, tcpseq, tcpwin . +.It Dummynet options +The following option for +.Nm dummynet +pipes/queues is not supported: +.Cm noerror . .El .Sh EXAMPLES +There are far too many possible uses of +.Nm +so this Section will only give a small set of examples. +.Pp +.Ss BASIC PACKET FILTERING This command adds an entry which denies all tcp packets from .Em cracker.evil.org to the telnet port of @@ -790,12 +1875,12 @@ from being forwarded by the host: .Pp .Dl "ipfw add deny tcp from cracker.evil.org to wolf.tambov.su telnet" .Pp -This one disallows any connection from the entire crackers +This one disallows any connection from the entire cracker's network to my host: .Pp .Dl "ipfw add deny ip from 123.45.67.0/24 to my.host.org" .Pp -A fast and efficient way to limit access (not using dynamic rules) +A first and efficient way to limit access (not using dynamic rules) is the use of the following rules: .Pp .Dl "ipfw add allow tcp from any to any established" @@ -813,6 +1898,36 @@ All other SYN packets will be rejected by the final .Cm deny rule. .Pp +If you administer one or more subnets, you can take advantage of the +.Nm ipfw2 +syntax to specify address sets and or-blocks and write extremely +compact rulesets which selectively enable services to blocks +of clients, as below: +.Pp +.Dl "goodguys=\*q{ 10.1.2.0/24{20,35,66,18} or 10.2.3.0/28{6,3,11} }\*q" +.Dl "badguys=\*q10.1.2.0/24{8,38,60}\*q" +.Dl "" +.Dl "ipfw add allow ip from ${goodguys} to any" +.Dl "ipfw add deny ip from ${badguys} to any" +.Dl "... normal policies ..." +.Pp +The +.Nm ipfw1 +syntax would require a separate rule for each IP in the above +example. +.Pp +The +.Cm verrevpath +option could be used to do automated anti-spoofing by adding the +following to the top of a ruleset: +.Pp +.Dl "ipfw add deny ip from any to any not verrevpath in" +.Pp +This rule drops all incoming packets that appear to be coming to the +sytem on the wrong interface. For example, a packet with a source +address belonging to a host on a protected internal network would be +dropped if it tried to enter the system from an external interface. +.Ss DYNAMIC RULES In order to protect a site from flood attacks involving fake TCP packets, it is safer to use dynamic rules: .Pp @@ -830,10 +1945,21 @@ or rule. A .Cm check-state -rule should be usually placed near the beginning of the +rule should usually be placed near the beginning of the ruleset to minimize the amount of work scanning the ruleset. Your mileage may vary. .Pp +To limit the number of connections a user can open +you can use the following type of rules: +.Pp +.Dl "ipfw add allow tcp from my-net/24 to any setup limit src-addr 10" +.Dl "ipfw add allow tcp from any to me setup limit src-addr 4" +.Pp +The former (assuming it runs on a gateway) will allow each host +on a /24 network to open at most 10 TCP connections. +The latter can be placed on a server to make sure that a single +client does not use more than 4 simultaneous connections. +.Pp .Em BEWARE : stateful rules can be subject to denial-of-service attacks by a SYN-flood which opens a huge number of dynamic rules. @@ -852,48 +1978,180 @@ or in short form without timestamps: .Pp .Dl ipfw -a list .Pp +which is equivalent to: +.Pp +.Dl ipfw show +.Pp Next rule diverts all incoming packets from 192.168.2.0/24 to divert port 5000: .Pp .Dl ipfw divert 5000 ip from 192.168.2.0/24 to any in .Pp +.Ss TRAFFIC SHAPING +The following rules show some of the applications of +.Nm +and +.Xr dummynet 4 +for simulations and the like. +.Pp +This rule drops random incoming packets with a probability +of 5%: +.Pp +.Dl "ipfw add prob 0.05 deny ip from any to any in" +.Pp +A similar effect can be achieved making use of dummynet pipes: +.Pp +.Dl "ipfw add pipe 10 ip from any to any" +.Dl "ipfw pipe 10 config plr 0.05" +.Pp +We can use pipes to artificially limit bandwidth, e.g. on a +machine acting as a router, if we want to limit traffic from +local clients on 192.168.2.0/24 we do: +.Pp +.Dl "ipfw add pipe 1 ip from 192.168.2.0/24 to any out" +.Dl "ipfw pipe 1 config bw 300Kbit/s queue 50KBytes" +.Pp +note that we use the +.Cm out +modifier so that the rule is not used twice. +Remember in fact that +.Nm +rules are checked both on incoming and outgoing packets. +.Pp +Should we want to simulate a bidirectional link with bandwidth +limitations, the correct way is the following: +.Pp +.Dl "ipfw add pipe 1 ip from any to any out" +.Dl "ipfw add pipe 2 ip from any to any in" +.Dl "ipfw pipe 1 config bw 64Kbit/s queue 10Kbytes" +.Dl "ipfw pipe 2 config bw 64Kbit/s queue 10Kbytes" +.Pp +The above can be very useful, e.g. if you want to see how +your fancy Web page will look for a residential user who +is connected only through a slow link. +You should not use only one pipe for both directions, unless +you want to simulate a half-duplex medium (e.g. AppleTalk, +Ethernet, IRDA). +It is not necessary that both pipes have the same configuration, +so we can also simulate asymmetric links. +.Pp +Should we want to verify network performance with the RED queue +management algorithm: +.Pp +.Dl "ipfw add pipe 1 ip from any to any" +.Dl "ipfw pipe 1 config bw 500Kbit/s queue 100 red 0.002/30/80/0.1" +.Pp +Another typical application of the traffic shaper is to +introduce some delay in the communication. +This can significantly affect applications which do a lot of Remote +Procedure Calls, and where the round-trip-time of the +connection often becomes a limiting factor much more than +bandwidth: +.Pp +.Dl "ipfw add pipe 1 ip from any to any out" +.Dl "ipfw add pipe 2 ip from any to any in" +.Dl "ipfw pipe 1 config delay 250ms bw 1Mbit/s" +.Dl "ipfw pipe 2 config delay 250ms bw 1Mbit/s" +.Pp +Per-flow queueing can be useful for a variety of purposes. +A very simple one is counting traffic: +.Pp +.Dl "ipfw add pipe 1 tcp from any to any" +.Dl "ipfw add pipe 1 udp from any to any" +.Dl "ipfw add pipe 1 ip from any to any" +.Dl "ipfw pipe 1 config mask all" +.Pp +The above set of rules will create queues (and collect +statistics) for all traffic. +Because the pipes have no limitations, the only effect is +collecting statistics. +Note that we need 3 rules, not just the last one, because +when +.Nm +tries to match IP packets it will not consider ports, so we +would not see connections on separate ports as different +ones. +.Pp +A more sophisticated example is limiting the outbound traffic +on a net with per-host limits, rather than per-network limits: +.Pp +.Dl "ipfw add pipe 1 ip from 192.168.2.0/24 to any out" +.Dl "ipfw add pipe 2 ip from any to 192.168.2.0/24 in" +.Dl "ipfw pipe 1 config mask src-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" +.Dl "ipfw pipe 2 config mask dst-ip 0x000000ff bw 200Kbit/s queue 20Kbytes" +.Ss SETS OF RULES +To add a set of rules atomically, e.g. set 18: +.Pp +.Dl "ipfw set disable 18" +.Dl "ipfw add NN set 18 ... # repeat as needed" +.Dl "ipfw set enable 18" +.Pp +To delete a set of rules atomically the command is simply: +.Pp +.Dl "ipfw delete set 18" +.Pp +To test a ruleset and disable it and regain control if something goes wrong: +.Pp +.Dl "ipfw set disable 18" +.Dl "ipfw add NN set 18 ... # repeat as needed" +.Dl "ipfw set enable 18; echo done; sleep 30 && ipfw set disable 18" +.Pp +Here if everything goes well, you press control-C before the "sleep" +terminates, and your ruleset will be left active. Otherwise, e.g. if +you cannot access your box, the ruleset will be disabled after +the sleep terminates thus restoring the previous situation. .Sh SEE ALSO .Xr cpp 1 , .Xr m4 1 , +.Xr bridge 4 , .Xr divert 4 , +.Xr dummynet 4 , .Xr ip 4 , .Xr ipfirewall 4 , .Xr protocols 5 , .Xr services 5 , .Xr init 8 , +.Xr kldload 8 , .Xr reboot 8 , .Xr sysctl 8 , .Xr syslogd 8 .Sh BUGS -The syntax has grown over the years and it is not very clean. -.Pp -.Em WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!!WARNING!! +The syntax has grown over the years and sometimes it might be confusing. +Unfortunately, backward compatibility prevents cleaning up mistakes +made in the definition of the syntax. .Pp -This program can put your computer in rather unusable state. -When using it for the first time, work on the console of the -computer, and do -.Em NOT -do anything you don't understand. +.Em !!! WARNING !!! .Pp -When manipulating/adding chain entries, service and protocol names -are not accepted. +Misconfiguring the firewall can put your computer in an unusable state, +possibly shutting down network services and requiring console access to +regain control of it. .Pp Incoming packet fragments diverted by .Cm divert or .Cm tee are reassembled before delivery to the socket. +The action used on those packet is the one from the +rule which matches the first fragment of the packet. .Pp Packets that match a .Cm tee rule should not be immediately accepted, but should continue going through the rule list. This may be fixed in a later version. +.Pp +Packets diverted to userland, and then reinserted by a userland process +may lose various packet attributes. +The packet source interface name +will be preserved if it is shorter than 8 bytes and the userland process +saves and reuses the sockaddr_in +(as does +.Xr natd 8 ) ; +otherwise, it may be lost. +If a packet is reinserted in this manner, later rules may be incorrectly +applied, making the order of +.Cm divert +rules in the rule sequence very important. .Sh AUTHORS .An Ugen J. S. Antsilevich , .An Poul-Henning Kamp , @@ -905,10 +2163,19 @@ This may be fixed in a later version. API based upon code written by .An Daniel Boulet for BSDI. +.Pp +Work on +.Xr dummynet 4 +traffic shaper supported by Akamba Corp. .Sh HISTORY The .Nm utility first appeared in .Fx 2.0 . +.Xr dummynet 4 +was introduced in +.Fx 2.2.8 . Stateful extensions were introduced in .Fx 4.0 . +.Nm ipfw2 +was introduced in Summer 2002. diff --git a/ipfw.tproj/ipfw.c b/ipfw.tproj/ipfw.c deleted file mode 100644 index 3eba9bc..0000000 --- a/ipfw.tproj/ipfw.c +++ /dev/null @@ -1,2420 +0,0 @@ -/* - * Copyright (c) 2002 Apple Computer, Inc. All rights reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. - * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ -/* - * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp - * Copyright (c) 1994 Ugen J.S.Antsilevich - * - * Idea and grammar partially left from: - * Copyright (c) 1993 Daniel Boulet - * - * Redistribution and use in source forms, with and without modification, - * are permitted provided that this entire comment appears intact. - * - * Redistribution in binary form may occur without any restrictions. - * Obviously, it would be nice if you gave credit where credit is due - * but requiring it would be too onerous. - * - * This software is provided ``AS IS'' without any warranties of any kind. - * - * NEW command line interface for IP firewall facility - * - */ - - - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include /* def. of struct route */ -#ifdef DUMMYNET -#include -#endif /* DUMMYNET */ -#include -#include - -int s, /* main RAW socket */ - do_resolv, /* Would try to resolve all */ - do_acct, /* Show packet/byte count */ - do_time, /* Show time stamps */ - do_quiet, /* Be quiet in add and flush */ - do_force, /* Don't ask for confirmation */ - #ifdef DUMMYNET - do_pipe, /* this cmd refers to a pipe */ - #endif /* DUMMYNET */ - do_sort, /* field to sort results (0 = no) */ - verbose; - -struct icmpcode { - int code; - char *str; -}; - -static struct icmpcode icmpcodes[] = { - { ICMP_UNREACH_NET, "net" }, - { ICMP_UNREACH_HOST, "host" }, - { ICMP_UNREACH_PROTOCOL, "protocol" }, - { ICMP_UNREACH_PORT, "port" }, - { ICMP_UNREACH_NEEDFRAG, "needfrag" }, - { ICMP_UNREACH_SRCFAIL, "srcfail" }, - { ICMP_UNREACH_NET_UNKNOWN, "net-unknown" }, - { ICMP_UNREACH_HOST_UNKNOWN, "host-unknown" }, - { ICMP_UNREACH_ISOLATED, "isolated" }, - { ICMP_UNREACH_NET_PROHIB, "net-prohib" }, - { ICMP_UNREACH_HOST_PROHIB, "host-prohib" }, - { ICMP_UNREACH_TOSNET, "tosnet" }, - { ICMP_UNREACH_TOSHOST, "toshost" }, - { ICMP_UNREACH_FILTER_PROHIB, "filter-prohib" }, - { ICMP_UNREACH_HOST_PRECEDENCE, "host-precedence" }, - { ICMP_UNREACH_PRECEDENCE_CUTOFF, "precedence-cutoff" }, - { 0, NULL } -}; - -static void show_usage(const char *fmt, ...); - -static int -mask_bits(struct in_addr m_ad) -{ - int h_fnd = 0, h_num = 0, i; - u_long mask; - - mask = ntohl(m_ad.s_addr); - for (i = 0; i < sizeof(u_long) * CHAR_BIT; i++) { - if (mask & 1L) { - h_fnd = 1; - h_num++; - } else { - if (h_fnd) - return -1; - } - mask = mask >> 1; - } - return h_num; -} - -static void -print_port(prot, port, comma) - u_char prot; - u_short port; - const char *comma; -{ - struct servent *se; - struct protoent *pe; - const char *protocol; - int printed = 0; - - if (!strcmp(comma, ":")) { - printf("%s0x%04x", comma, port); - return; - } - if (do_resolv) { - pe = getprotobynumber(prot); - if (pe) - protocol = pe->p_name; - else - protocol = NULL; - - se = getservbyport(htons(port), protocol); - if (se) { - printf("%s%s", comma, se->s_name); - printed = 1; - } - } - if (!printed) - printf("%s%d", comma, port); -} - -static void -print_iface(char *key, union ip_fw_if *un, int byname) -{ - char ifnb[FW_IFNLEN+1]; - - if (byname) { - strncpy(ifnb, un->fu_via_if.name, FW_IFNLEN); - ifnb[FW_IFNLEN] = '\0'; - if (un->fu_via_if.unit == -1) - printf(" %s %s*", key, ifnb); - else - printf(" %s %s%d", key, ifnb, un->fu_via_if.unit); - } else if (un->fu_via_ip.s_addr != 0) { - printf(" %s %s", key, inet_ntoa(un->fu_via_ip)); - } else - printf(" %s any", key); -} - -static void -print_reject_code(int code) -{ - struct icmpcode *ic; - - for (ic = icmpcodes; ic->str; ic++) - if (ic->code == code) { - printf("%s", ic->str); - return; - } - printf("%u", code); -} - -static void -show_ipfw(struct ip_fw *chain, int pcwidth, int bcwidth) -{ - char *comma; - u_long adrt; - struct hostent *he; - struct protoent *pe; - int i, mb; - int nsp = IP_FW_GETNSRCP(chain); - int ndp = IP_FW_GETNDSTP(chain); - - if (do_resolv) - setservent(1/*stay open*/); - - printf("%05u ", chain->fw_number); - - if (do_acct) - printf("%*qu %*qu ", pcwidth, chain->fw_pcnt, bcwidth, chain->fw_bcnt); - - if (do_time) { - if (chain->timestamp) { - char timestr[30]; - - strcpy(timestr, ctime((time_t *)&chain->timestamp)); - *strchr(timestr, '\n') = '\0'; - printf("%s ", timestr); - } else { - printf(" "); - } - } - if (chain->fw_flg == IP_FW_F_CHECK_S) { - printf("check-state\n"); - goto done; - } - - if (chain->fw_flg & IP_FW_F_RND_MATCH) { - double d = 1.0 * (int)(chain->pipe_ptr); - d = 1 - (d / 0x7fffffff); - printf("prob %f ", d); - } - - switch (chain->fw_flg & IP_FW_F_COMMAND) { - case IP_FW_F_ACCEPT: - printf("allow"); - break; - case IP_FW_F_DENY: - printf("deny"); - break; - case IP_FW_F_COUNT: - printf("count"); - break; - case IP_FW_F_DIVERT: - printf("divert %u", chain->fw_divert_port); - break; - case IP_FW_F_TEE: - printf("tee %u", chain->fw_divert_port); - break; - case IP_FW_F_SKIPTO: - printf("skipto %u", chain->fw_skipto_rule); - break; - - case IP_FW_F_PIPE: - printf("pipe %u", chain->fw_skipto_rule); - break; - case IP_FW_F_QUEUE: - printf("queue %u", chain->fw_skipto_rule); - break; - case IP_FW_F_REJECT: - if (chain->fw_reject_code == IP_FW_REJECT_RST) - printf("reset"); - else { - printf("unreach "); - print_reject_code(chain->fw_reject_code); - } - break; - case IP_FW_F_FWD: - printf("fwd %s", inet_ntoa(chain->fw_fwd_ip.sin_addr)); - if(chain->fw_fwd_ip.sin_port) - printf(",%d", chain->fw_fwd_ip.sin_port); - break; - default: - errx(EX_OSERR, "impossible"); - } - - if (chain->fw_flg & IP_FW_F_PRN) { - printf(" log"); - if (chain->fw_logamount) - printf(" logamount %d", chain->fw_logamount); - } - - pe = getprotobynumber(chain->fw_prot); - if (pe) - printf(" %s", pe->p_name); - else - printf(" %u", chain->fw_prot); - - if (chain->fw_flg & IP_FW_F_SME) { - printf(" from me"); - } else { - printf(" from %s", chain->fw_flg & IP_FW_F_INVSRC ? "not " : ""); - - adrt = ntohl(chain->fw_smsk.s_addr); - if (adrt == ULONG_MAX && do_resolv) { - adrt = (chain->fw_src.s_addr); - he = gethostbyaddr((char *)&adrt, - sizeof(u_long), AF_INET); - if (he == NULL) { - printf("%s", inet_ntoa(chain->fw_src)); - } else - printf("%s", he->h_name); - } else { - if (adrt != ULONG_MAX) { - mb = mask_bits(chain->fw_smsk); - if (mb == 0) { - printf("any"); - } else { - if (mb > 0) { - printf("%s", inet_ntoa(chain->fw_src)); - printf("/%d", mb); - } else { - printf("%s", inet_ntoa(chain->fw_src)); - printf(":"); - printf("%s", inet_ntoa(chain->fw_smsk)); - } - } - } else - printf("%s", inet_ntoa(chain->fw_src)); - } - } - - if (chain->fw_prot == IPPROTO_TCP || chain->fw_prot == IPPROTO_UDP) { - comma = " "; - for (i = 0; i < nsp; i++) { - print_port(chain->fw_prot, chain->fw_uar.fw_pts[i], comma); - if (i == 0 && (chain->fw_flg & IP_FW_F_SRNG)) - comma = "-"; - else if (i == 0 && (chain->fw_flg & IP_FW_F_SMSK)) - comma = ":"; - else - comma = ","; - } - } - - if (chain->fw_flg & IP_FW_F_DME) { - printf(" to me"); - } else { - printf(" to %s", chain->fw_flg & IP_FW_F_INVDST ? "not " : ""); - - adrt = ntohl(chain->fw_dmsk.s_addr); - if (adrt == ULONG_MAX && do_resolv) { - adrt = (chain->fw_dst.s_addr); - he = gethostbyaddr((char *)&adrt, - sizeof(u_long), AF_INET); - if (he == NULL) { - printf("%s", inet_ntoa(chain->fw_dst)); - } else - printf("%s", he->h_name); - } else { - if (adrt != ULONG_MAX) { - mb = mask_bits(chain->fw_dmsk); - if (mb == 0) { - printf("any"); - } else { - if (mb > 0) { - printf("%s", inet_ntoa(chain->fw_dst)); - printf("/%d", mb); - } else { - printf("%s", inet_ntoa(chain->fw_dst)); - printf(":"); - printf("%s", inet_ntoa(chain->fw_dmsk)); - } - } - } else - printf("%s", inet_ntoa(chain->fw_dst)); - } - } - - if (chain->fw_prot == IPPROTO_TCP || chain->fw_prot == IPPROTO_UDP) { - comma = " "; - for (i = 0; i < ndp; i++) { - print_port(chain->fw_prot, chain->fw_uar.fw_pts[nsp+i], comma); - if (i == 0 && (chain->fw_flg & IP_FW_F_DRNG)) - comma = "-"; - else if (i == 0 && (chain->fw_flg & IP_FW_F_DMSK)) - comma = ":"; - else - comma = ","; - } - } - - if (chain->fw_flg & IP_FW_F_UID) { - struct passwd *pwd = getpwuid(chain->fw_uid); - - if (pwd) - printf(" uid %s", pwd->pw_name); - else - printf(" uid %u", chain->fw_uid); - } - - if (chain->fw_flg & IP_FW_F_KEEP_S) { - if (chain->next_rule_ptr) - printf(" keep-state %d", (int)chain->next_rule_ptr); - else - printf(" keep-state"); - } - /* Direction */ - if (chain->fw_flg & IP_FW_BRIDGED) - printf(" bridged"); - if ((chain->fw_flg & IP_FW_F_IN) && !(chain->fw_flg & IP_FW_F_OUT)) - printf(" in"); - if (!(chain->fw_flg & IP_FW_F_IN) && (chain->fw_flg & IP_FW_F_OUT)) - printf(" out"); - - /* Handle hack for "via" backwards compatibility */ - if ((chain->fw_flg & IF_FW_F_VIAHACK) == IF_FW_F_VIAHACK) { - print_iface("via", - &chain->fw_in_if, chain->fw_flg & IP_FW_F_IIFNAME); - } else { - /* Receive interface specified */ - if (chain->fw_flg & IP_FW_F_IIFACE) - print_iface("recv", &chain->fw_in_if, - chain->fw_flg & IP_FW_F_IIFNAME); - /* Transmit interface specified */ - if (chain->fw_flg & IP_FW_F_OIFACE) - print_iface("xmit", &chain->fw_out_if, - chain->fw_flg & IP_FW_F_OIFNAME); - } - - if (chain->fw_flg & IP_FW_F_FRAG) - printf(" frag"); - - if (chain->fw_ipopt || chain->fw_ipnopt) { - int _opt_printed = 0; -#define PRINTOPT(x) {if (_opt_printed) printf(",");\ - printf(x); _opt_printed = 1;} - - printf(" ipopt "); - if (chain->fw_ipopt & IP_FW_IPOPT_SSRR) PRINTOPT("ssrr"); - if (chain->fw_ipnopt & IP_FW_IPOPT_SSRR) PRINTOPT("!ssrr"); - if (chain->fw_ipopt & IP_FW_IPOPT_LSRR) PRINTOPT("lsrr"); - if (chain->fw_ipnopt & IP_FW_IPOPT_LSRR) PRINTOPT("!lsrr"); - if (chain->fw_ipopt & IP_FW_IPOPT_RR) PRINTOPT("rr"); - if (chain->fw_ipnopt & IP_FW_IPOPT_RR) PRINTOPT("!rr"); - if (chain->fw_ipopt & IP_FW_IPOPT_TS) PRINTOPT("ts"); - if (chain->fw_ipnopt & IP_FW_IPOPT_TS) PRINTOPT("!ts"); - } - - if (chain->fw_ipflg & IP_FW_IF_TCPEST) - printf(" established"); - else if (chain->fw_tcpf == IP_FW_TCPF_SYN && - chain->fw_tcpnf == IP_FW_TCPF_ACK) - printf(" setup"); - else if (chain->fw_tcpf || chain->fw_tcpnf) { - int _flg_printed = 0; -#define PRINTFLG(x) {if (_flg_printed) printf(",");\ - printf(x); _flg_printed = 1;} - - printf(" tcpflags "); - if (chain->fw_tcpf & IP_FW_TCPF_FIN) PRINTFLG("fin"); - if (chain->fw_tcpnf & IP_FW_TCPF_FIN) PRINTFLG("!fin"); - if (chain->fw_tcpf & IP_FW_TCPF_SYN) PRINTFLG("syn"); - if (chain->fw_tcpnf & IP_FW_TCPF_SYN) PRINTFLG("!syn"); - if (chain->fw_tcpf & IP_FW_TCPF_RST) PRINTFLG("rst"); - if (chain->fw_tcpnf & IP_FW_TCPF_RST) PRINTFLG("!rst"); - if (chain->fw_tcpf & IP_FW_TCPF_PSH) PRINTFLG("psh"); - if (chain->fw_tcpnf & IP_FW_TCPF_PSH) PRINTFLG("!psh"); - if (chain->fw_tcpf & IP_FW_TCPF_ACK) PRINTFLG("ack"); - if (chain->fw_tcpnf & IP_FW_TCPF_ACK) PRINTFLG("!ack"); - if (chain->fw_tcpf & IP_FW_TCPF_URG) PRINTFLG("urg"); - if (chain->fw_tcpnf & IP_FW_TCPF_URG) PRINTFLG("!urg"); - } - if (chain->fw_tcpopt || chain->fw_tcpnopt) { - int _opt_printed = 0; -#define PRINTTOPT(x) {if (_opt_printed) printf(",");\ - printf(x); _opt_printed = 1;} - - printf(" tcpoptions "); - if (chain->fw_tcpopt & IP_FW_TCPOPT_MSS) PRINTTOPT("mss"); - if (chain->fw_tcpnopt & IP_FW_TCPOPT_MSS) PRINTTOPT("!mss"); - if (chain->fw_tcpopt & IP_FW_TCPOPT_WINDOW) PRINTTOPT("window"); - if (chain->fw_tcpnopt & IP_FW_TCPOPT_WINDOW) PRINTTOPT("!window"); - if (chain->fw_tcpopt & IP_FW_TCPOPT_SACK) PRINTTOPT("sack"); - if (chain->fw_tcpnopt & IP_FW_TCPOPT_SACK) PRINTTOPT("!sack"); - if (chain->fw_tcpopt & IP_FW_TCPOPT_TS) PRINTTOPT("ts"); - if (chain->fw_tcpnopt & IP_FW_TCPOPT_TS) PRINTTOPT("!ts"); - if (chain->fw_tcpopt & IP_FW_TCPOPT_CC) PRINTTOPT("cc"); - if (chain->fw_tcpnopt & IP_FW_TCPOPT_CC) PRINTTOPT("!cc"); - } - - if (chain->fw_flg & IP_FW_F_ICMPBIT) { - int type_index; - int first = 1; - - printf(" icmptype"); - - for (type_index = 0; type_index < IP_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8; ++type_index) - if (chain->fw_uar.fw_icmptypes[type_index / (sizeof(unsigned) * 8)] & - (1U << (type_index % (sizeof(unsigned) * 8)))) { - printf("%c%d", first == 1 ? ' ' : ',', type_index); - first = 0; - } - } - printf("\n"); -done: - if (do_resolv) - endservent(); -} - -#ifdef DUMMYNET -int -sort_q(const void *pa, const void *pb) -{ - int rev = (do_sort < 0); - int field = rev ? -do_sort : do_sort; - long long res = 0; - const struct dn_flow_queue *a = pa; - const struct dn_flow_queue *b = pb; - - switch (field) { - case 1: /* pkts */ - res = a->len - b->len; - break; - case 2 : /* bytes */ - res = a->len_bytes - b->len_bytes; - break; - - case 3 : /* tot pkts */ - res = a->tot_pkts - b->tot_pkts; - break; - - case 4 : /* tot bytes */ - res = a->tot_bytes - b->tot_bytes; - break; - } - if (res < 0) - res = -1; - if (res > 0) - res = 1; - return (int)(rev ? res : -res); -} - -static void -list_queues(struct dn_flow_set *fs, struct dn_flow_queue *q) -{ - int l; - - printf(" mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n", - fs->flow_mask.proto, - fs->flow_mask.src_ip, fs->flow_mask.src_port, - fs->flow_mask.dst_ip, fs->flow_mask.dst_port); - if (fs->rq_elements == 0) - return; - - printf("BKT Prot ___Source IP/port____ " - "____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp\n"); - if (do_sort != 0) - heapsort(q, fs->rq_elements, sizeof(*q), sort_q); - for (l = 0; l < fs->rq_elements; l++) { - struct in_addr ina; - struct protoent *pe; - - ina.s_addr = htonl(q[l].id.src_ip); - printf("%3d ", q[l].hash_slot); - pe = getprotobynumber(q[l].id.proto); - if (pe) - printf("%-4s ", pe->p_name); - else - printf("%4u ", q[l].id.proto); - printf("%15s/%-5d ", inet_ntoa(ina), q[l].id.src_port); - ina.s_addr = htonl(q[l].id.dst_ip); - printf("%15s/%-5d ", - inet_ntoa(ina), q[l].id.dst_port); - printf("%4qu %8qu %2u %4u %3u\n", - q[l].tot_pkts, q[l].tot_bytes, - q[l].len, q[l].len_bytes, q[l].drops); - if (verbose) - printf(" S %20qd F %20qd\n", q[l].S, q[l].F); - } -} - -static void -print_flowset_parms(struct dn_flow_set *fs, char *prefix) -{ - int l; - char qs[30]; - char plr[30]; - char red[90]; /* Display RED parameters */ - - l = fs->qsize; - if (fs->flags_fs & DN_QSIZE_IS_BYTES) { - if (l >= 8192) - sprintf(qs, "%d KB", l / 1024); - else - sprintf(qs, "%d B", l); - } else - sprintf(qs, "%3d sl.", l); - if (fs->plr) - sprintf(plr, "plr %f", 1.0*fs->plr/(double)(0x7fffffff)); - else - plr[0]='\0'; - if (fs->flags_fs & DN_IS_RED) /* RED parameters */ - sprintf(red, - "\n %cRED w_q %f min_th %d max_th %d max_p %f", - (fs->flags_fs & DN_IS_GENTLE_RED)? 'G' : ' ', - 1.0 * fs->w_q / (double)(1 << SCALE_RED), - SCALE_VAL(fs->min_th), - SCALE_VAL(fs->max_th), - 1.0 * fs->max_p / (double)(1 << SCALE_RED) ) ; - else - sprintf(red, "droptail"); - - printf("%s %s%s %d queues (%d buckets) %s\n", prefix, qs, plr, - fs->rq_elements, fs->rq_size, red); -} -#endif /* DUMMYNET */ - -static void -list(ac, av) - int ac; - char **av; -{ - struct ip_fw *rules; - #ifdef DUMMYNET - struct dn_pipe *pipes; - #endif /* DUMMYNET */ - void *data = NULL; - int pcwidth = 0; - int bcwidth = 0; - int n, num = 0; - int nbytes; - - /* get rules or pipes from kernel, resizing array as necessary */ - { - #ifdef DUMMYNET - const int unit = do_pipe ? sizeof(*pipes) : sizeof(*rules); - const int ocmd = do_pipe ? IP_DUMMYNET_GET : IP_FW_GET; - #else /* DUMMYNET */ - const int unit = sizeof(*rules); - const int ocmd = IP_FW_GET; - #endif /* DUMMYNET */ - int nalloc = unit; - nbytes = nalloc; - - while (nbytes >= nalloc) { - nalloc = nalloc * 2 + 200; - nbytes = nalloc; - if ((data = realloc(data, nbytes)) == NULL) - err(EX_OSERR, "realloc"); - rules = data; - rules->version = IP_FW_CURRENT_API_VERSION; - if (getsockopt(s, IPPROTO_IP, ocmd, data, &nbytes) < 0) - #ifdef DUMMYNET - err(EX_OSERR, "getsockopt(IP_%s_GET)", - do_pipe ? "DUMMYNET" : "FW"); - #else /* DUMMYNET */ - err(EX_OSERR, "getsockopt(IP_FW_GET)"); - #endif /* DUMMYNET */ - } - } - - /* display requested pipes */ - #ifdef DUMMYNET - if (do_pipe) { - u_long rulenum; - void *next = data; - struct dn_pipe *p = (struct dn_pipe *) data; - struct dn_flow_set *fs; - struct dn_flow_queue *q; - int l; - - if (ac > 0) - rulenum = strtoul(*av++, NULL, 10); - else - rulenum = 0; - for (; nbytes >= sizeof(*p); p = (struct dn_pipe *)next) { - double b = p->bandwidth; - char buf[30]; - char prefix[80]; - - if (p->next != (struct dn_pipe *)DN_IS_PIPE) - break; - l = sizeof(*p) + p->fs.rq_elements * sizeof(*q); - next = (void *)p + l; - nbytes -= l; - q = (struct dn_flow_queue *)(p+1); - - if (rulenum != 0 && rulenum != p->pipe_nr) - continue; - if (p->if_name[0] != '\0') - sprintf(buf, "%s", p->if_name); - else if (b == 0) - sprintf(buf, "unlimited"); - else if (b >= 1000000) - sprintf(buf, "%7.3f Mbit/s", b/1000000); - else if (b >= 1000) - sprintf(buf, "%7.3f Kbit/s", b/1000); - else - sprintf(buf, "%7.3f bit/s ", b); - - sprintf(prefix, "%05d: %s %4d ms ", - p->pipe_nr, buf, p->delay); - print_flowset_parms(&(p->fs), prefix); - if (verbose) - printf(" V %20qd\n", p->V >> MY_M); - list_queues(&(p->fs), q); - } - fs = (struct dn_flow_set *) next; - for (; nbytes >= sizeof(*fs); fs = (struct dn_flow_set *)next) { - char prefix[80]; - - if (fs->next != (struct dn_flow_set *)DN_IS_QUEUE) - break; - l = sizeof(*fs) + fs->rq_elements * sizeof(*q); - next = (void *)fs + l; - nbytes -= l; - q = (struct dn_flow_queue *)(fs+1); - sprintf(prefix, "q%05d: weight %d pipe %d ", - fs->fs_nr, fs->weight, fs->parent_nr); - print_flowset_parms(fs, prefix); - list_queues(fs, q); - } - free(data); - return; - } - #endif /* DUMMYNET */ - - rules = (struct ip_fw *) data; - /* determine num more accurately */ - num = 0; - while (rules[num].fw_number < 65535) - num++; - num++; /* counting starts from 0 ... */ - /* if showing stats, figure out column widths ahead of time */ - if (do_acct) { - for (n = 0; n < num; n++) { - struct ip_fw *const r = &rules[n]; - char temp[32]; - int width; - - /* packet counter */ - width = sprintf(temp, "%qu", r->fw_pcnt); - if (width > pcwidth) - pcwidth = width; - - /* byte counter */ - width = sprintf(temp, "%qu", r->fw_bcnt); - if (width > bcwidth) - bcwidth = width; - } - } - if (ac == 0) { - /* display all rules */ - for (n = 0; n < num; n++) { - struct ip_fw *const r = &rules[n]; - - show_ipfw(r, pcwidth, bcwidth); - } - } else { - /* display specific rules requested on command line */ - int exitval = EX_OK; - - while (ac--) { - u_long rnum; - char *endptr; - int seen; - - /* convert command line rule # */ - rnum = strtoul(*av++, &endptr, 10); - if (*endptr) { - exitval = EX_USAGE; - warnx("invalid rule number: %s", *(av - 1)); - continue; - } - for (seen = n = 0; n < num; n++) { - struct ip_fw *const r = &rules[n]; - - if (r->fw_number > rnum) - break; - if (r->fw_number == rnum) { - show_ipfw(r, pcwidth, bcwidth); - seen = 1; - } - } - if (!seen) { - /* give precedence to other error(s) */ - if (exitval == EX_OK) - exitval = EX_UNAVAILABLE; - warnx("rule %lu does not exist", rnum); - } - } - if (exitval != EX_OK) - exit(exitval); - } - /* - * show dynamic rules - */ - if (num * sizeof (rules[0]) != nbytes) { - struct ipfw_dyn_rule *d = - (struct ipfw_dyn_rule *)&rules[num]; - struct in_addr a; - struct protoent *pe; - - printf("## Dynamic rules:\n"); - for (;; d++) { - printf("%05d %qu %qu (T %d, # %d) ty %d", - (int)(d->chain), - d->pcnt, d->bcnt, - d->expire, - d->bucket, - d->type); - pe = getprotobynumber(d->id.proto); - if (pe) - printf(" %s,", pe->p_name); - else - printf(" %u,", d->id.proto); - a.s_addr = htonl(d->id.src_ip); - printf(" %s", inet_ntoa(a)); - printf(" %d", d->id.src_port); - switch (d->type) { - default: /* bidir, no mask */ - printf(" <->"); - break; - } - a.s_addr = htonl(d->id.dst_ip); - printf(" %s", inet_ntoa(a)); - printf(" %d", d->id.dst_port); - printf("\n"); - if (d->next == NULL) - break; - } - } - - free(data); -} - -static void -show_usage(const char *fmt, ...) -{ - if (fmt) { - char buf[100]; - va_list args; - - va_start(args, fmt); - vsnprintf(buf, sizeof(buf), fmt, args); - va_end(args); - warnx("error: %s", buf); - } - fprintf(stderr, "usage: ipfw [options]\n" -#ifdef DUMMYNET -" [pipe] flush\n" -#endif /* DUMMYNET */ -" add [number] rule\n" -#ifdef DUMMYNET -" [pipe] delete number ...\n" -" [pipe] list [number ...]\n" -" [pipe] show [number ...]\n" -#endif /* DUMMYNET */ -" zero [number ...]\n" -" resetlog [number ...]\n" -#ifdef DUMMYNET -" pipe number config [pipeconfig]\n" -#endif /* DUMMYNET */ -" rule: [prob ] action proto src dst extras...\n" -" action:\n" -" {allow|permit|accept|pass|deny|drop|reject|unreach code|\n" -" reset|count|skipto num|divert port|tee port|fwd ip|\n" -#ifdef DUMMYNET -" pipe num" -#endif /* DUMMYNET */ -"} [log [logamount count]]\n" -" proto: {ip|tcp|udp|icmp|}\n" -" src: from [not] {me|any|ip[{/bits|:mask}]} [{port|port-port},[port],...]\n" -" dst: to [not] {me|any|ip[{/bits|:mask}]} [{port|port-port},[port],...]\n" -" extras:\n" -" uid {user id}\n" -" fragment (may not be used with ports or tcpflags)\n" -" in\n" -" out\n" -" {xmit|recv|via} {iface|ip|any}\n" -" {established|setup}\n" -" tcpflags [!]{syn|fin|rst|ack|psh|urg},...\n" -" ipoptions [!]{ssrr|lsrr|rr|ts},...\n" -" tcpoptions [!]{mss|window|sack|ts|cc},...\n" -" icmptypes {type[,type]}...\n" -#ifdef DUMMYNET -" pipeconfig:\n" -" {bw|bandwidth} {bit/s|Kbit/s|Mbit/s|Bytes/s|KBytes/s|MBytes/s}\n" -" {bw|bandwidth} interface_name\n" -" delay \n" -" queue {packets|Bytes|KBytes}\n" -" plr \n" -" mask {all| [dst-ip|src-ip|dst-port|src-port|proto] }\n" -" buckets }\n" -" {red|gred} ///\n" -" droptail\n" -#endif /* DUMMYNET */ -); - - exit(EX_USAGE); -} - -static int -lookup_host (host, ipaddr) - char *host; - struct in_addr *ipaddr; -{ - struct hostent *he; - - if (!inet_aton(host, ipaddr)) { - if ((he = gethostbyname(host)) == NULL) - return(-1); - *ipaddr = *(struct in_addr *)he->h_addr_list[0]; - } - return(0); -} - -static void -fill_ip(ipno, mask, acp, avp) - struct in_addr *ipno, *mask; - int *acp; - char ***avp; -{ - int ac = *acp; - char **av = *avp; - char *p = 0, md = 0; - - if (ac && !strncmp(*av, "any", strlen(*av))) { - ipno->s_addr = mask->s_addr = 0; av++; ac--; - } else { - p = strchr(*av, '/'); - if (!p) - p = strchr(*av, ':'); - if (p) { - md = *p; - *p++ = '\0'; - } - - if (lookup_host(*av, ipno) != 0) - show_usage("hostname ``%s'' unknown", *av); - switch (md) { - case ':': - if (!inet_aton(p, mask)) - show_usage("bad netmask ``%s''", p); - break; - case '/': - if (atoi(p) == 0) { - mask->s_addr = 0; - } else if (atoi(p) > 32) { - show_usage("bad width ``%s''", p); - } else { - mask->s_addr = - htonl(~0 << (32 - atoi(p))); - } - break; - default: - mask->s_addr = htonl(~0); - break; - } - ipno->s_addr &= mask->s_addr; - av++; - ac--; - } - *acp = ac; - *avp = av; -} - -static void -fill_reject_code(u_short *codep, char *str) -{ - struct icmpcode *ic; - u_long val; - char *s; - - val = strtoul(str, &s, 0); - if (s != str && *s == '\0' && val < 0x100) { - *codep = val; - return; - } - for (ic = icmpcodes; ic->str; ic++) - if (!strcasecmp(str, ic->str)) { - *codep = ic->code; - return; - } - show_usage("unknown ICMP unreachable code ``%s''", str); -} - -static void -add_port(cnt, ptr, off, port) - u_short *cnt, *ptr, off, port; -{ - if (off + *cnt >= IP_FW_MAX_PORTS) - errx(EX_USAGE, "too many ports (max is %d)", IP_FW_MAX_PORTS); - ptr[off+*cnt] = port; - (*cnt)++; -} - -static int -lookup_port(const char *arg, int proto, int test, int nodash) -{ - int val; - char *earg, buf[32]; - struct servent *s; - char *p, *q; - - snprintf(buf, sizeof(buf), "%s", arg); - - for (p = q = buf; *p; *q++ = *p++) { - if (*p == '\\') { - if (*(p+1)) - p++; - } else { - if (*p == ',' || (nodash && *p == '-')) - break; - } - } - *q = '\0'; - - val = (int) strtoul(buf, &earg, 0); - if (!*buf || *earg) { - char *protocol = NULL; - - if (proto != 0) { - struct protoent *pe = getprotobynumber(proto); - - if (pe) - protocol = pe->p_name; - } - - setservent(1); - if ((s = getservbyname(buf, protocol))) { - val = htons(s->s_port); - } else { - if (!test) { - errx(EX_DATAERR, "unknown port ``%s''", buf); - } - val = -1; - } - } else { - if (val < 0 || val > 0xffff) { - if (!test) { - errx(EX_DATAERR, "port ``%s'' out of range", buf); - } - val = -1; - } - } - return(val); -} - -/* - * return: 0 normally, 1 if first pair is a range, - * 2 if first pair is a port+mask - */ -static int -fill_port(u_short *cnt, u_short *ptr, u_short off, char *arg, int proto) -{ - char *s; - int initial_range = 0; - - for (s = arg; *s && *s != ',' && *s != '-' && *s != ':'; s++) { - if (*s == '\\' && *(s+1)) - s++; - } - if (*s == ':') { - *s++ = '\0'; - if (strchr(arg, ',')) - errx(EX_USAGE, "port/mask must be first in list"); - add_port(cnt, ptr, off, *arg ? lookup_port(arg, proto, 0, 0) : 0x0000); - arg = s; - s = strchr(arg,','); - if (s) - *s++ = '\0'; - add_port(cnt, ptr, off, *arg ? lookup_port(arg, proto, 0, 0) : 0xffff); - arg = s; - initial_range = 2; - } else - if (*s == '-') { - *s++ = '\0'; - if (strchr(arg, ',')) - errx(EX_USAGE, "port range must be first in list"); - add_port(cnt, ptr, off, *arg ? lookup_port(arg, proto, 0, 0) : 0x0000); - arg = s; - s = strchr(arg,','); - if (s) - *s++ = '\0'; - add_port(cnt, ptr, off, *arg ? lookup_port(arg, proto, 0, 0) : 0xffff); - arg = s; - initial_range = 1; - } - while (arg != NULL) { - s = strchr(arg,','); - if (s) - *s++ = '\0'; - add_port(cnt, ptr, off, lookup_port(arg, proto, 0, 0)); - arg = s; - } - return initial_range; -} - -static void -fill_tcpflag(u_char *set, u_char *reset, char **vp) -{ - char *p = *vp,*q; - u_char *d; - - while (p && *p) { - struct tpcflags { - char * name; - u_char value; - } flags[] = { - { "syn", IP_FW_TCPF_SYN }, - { "fin", IP_FW_TCPF_FIN }, - { "ack", IP_FW_TCPF_ACK }, - { "psh", IP_FW_TCPF_PSH }, - { "rst", IP_FW_TCPF_RST }, - { "urg", IP_FW_TCPF_URG } - }; - int i; - - if (*p == '!') { - p++; - d = reset; - } else { - d = set; - } - q = strchr(p, ','); - if (q) - *q++ = '\0'; - for (i = 0; i < sizeof(flags) / sizeof(flags[0]); ++i) - if (!strncmp(p, flags[i].name, strlen(p))) { - *d |= flags[i].value; - break; - } - if (i == sizeof(flags) / sizeof(flags[0])) - show_usage("invalid tcp flag ``%s''", p); - p = q; - } -} - -static void -fill_tcpopts(u_char *set, u_char *reset, char **vp) -{ - char *p = *vp,*q; - u_char *d; - - while (p && *p) { - struct tpcopts { - char * name; - u_char value; - } opts[] = { - { "mss", IP_FW_TCPOPT_MSS }, - { "window", IP_FW_TCPOPT_WINDOW }, - { "sack", IP_FW_TCPOPT_SACK }, - { "ts", IP_FW_TCPOPT_TS }, - { "cc", IP_FW_TCPOPT_CC }, - }; - int i; - - if (*p == '!') { - p++; - d = reset; - } else { - d = set; - } - q = strchr(p, ','); - if (q) - *q++ = '\0'; - for (i = 0; i < sizeof(opts) / sizeof(opts[0]); ++i) - if (!strncmp(p, opts[i].name, strlen(p))) { - *d |= opts[i].value; - break; - } - if (i == sizeof(opts) / sizeof(opts[0])) - show_usage("invalid tcp option ``%s''", p); - p = q; - } -} - -static void -fill_ipopt(u_char *set, u_char *reset, char **vp) -{ - char *p = *vp,*q; - u_char *d; - - while (p && *p) { - if (*p == '!') { - p++; - d = reset; - } else { - d = set; - } - q = strchr(p, ','); - if (q) - *q++ = '\0'; - if (!strncmp(p, "ssrr", strlen(p))) *d |= IP_FW_IPOPT_SSRR; - if (!strncmp(p, "lsrr", strlen(p))) *d |= IP_FW_IPOPT_LSRR; - if (!strncmp(p, "rr", strlen(p))) *d |= IP_FW_IPOPT_RR; - if (!strncmp(p, "ts", strlen(p))) *d |= IP_FW_IPOPT_TS; - p = q; - } -} - -static void -fill_icmptypes(types, vp, fw_flg) - u_long *types; - char **vp; - u_int *fw_flg; -{ - char *c = *vp; - - while (*c) - { - unsigned long icmptype; - - if (*c == ',') - ++c; - - icmptype = strtoul(c, &c, 0); - - if (*c != ',' && *c != '\0') - show_usage("invalid ICMP type"); - - if (icmptype >= IP_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8) - show_usage("ICMP type out of range"); - - types[icmptype / (sizeof(unsigned) * 8)] |= - 1 << (icmptype % (sizeof(unsigned) * 8)); - *fw_flg |= IP_FW_F_ICMPBIT; - } -} - -static void -delete(ac, av) - int ac; - char **av; -{ - struct ip_fw rule; - #ifdef DUMMYNET - struct dn_pipe pipe; - #endif /* DUMMYNET */ - int i; - int exitval = EX_OK; - - memset(&rule, 0, sizeof rule); - #ifdef DUMMYNET - memset(&pipe, 0, sizeof pipe); - #endif /* DUMMYNET */ - rule.version = IP_FW_CURRENT_API_VERSION; - - av++; ac--; - - /* Rule number */ - while (ac && isdigit(**av)) - { - i = atoi(*av); av++; ac--; - - #ifdef DUMMYNET - if (do_pipe) - { - if (do_pipe == 1) pipe.pipe_nr = i; - else pipe.fs.fs_nr = i; - - i = setsockopt(s, IPPROTO_IP, IP_DUMMYNET_DEL, &pipe, sizeof pipe); - if (i) - { - exitval = 1; - warn("rule %u: setsockopt(%s)", do_pipe == 1 ? pipe.pipe_nr : pipe.fs.fs_nr, - "IP_DUMMYNET_DEL"); - } - } - else - #endif /* DUMMYNET */ - { - rule.fw_number = i; - i = setsockopt(s, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule); - if (i) - { - exitval = EX_UNAVAILABLE; - warn("rule %u: setsockopt(%s)", rule.fw_number, "IP_FW_DEL"); - } - } - } - - if (exitval != EX_OK) - exit(exitval); -} - -static void -verify_interface(union ip_fw_if *ifu) -{ - struct ifreq ifr; - - /* - * If a unit was specified, check for that exact interface. - * If a wildcard was specified, check for unit 0. - */ - snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", - ifu->fu_via_if.name, - ifu->fu_via_if.unit == -1 ? 0 : ifu->fu_via_if.unit); - - if (ioctl(s, SIOCGIFFLAGS, &ifr) < 0) - warnx("warning: interface ``%s'' does not exist", ifr.ifr_name); -} - -static void -fill_iface(char *which, union ip_fw_if *ifu, int *byname, int ac, char *arg) -{ - if (!ac) - show_usage("missing argument for ``%s''", which); - - /* Parse the interface or address */ - if (!strcmp(arg, "any")) { - ifu->fu_via_ip.s_addr = 0; - *byname = 0; - } else if (!isdigit(*arg)) { - char *q; - - *byname = 1; - strncpy(ifu->fu_via_if.name, arg, sizeof(ifu->fu_via_if.name)); - ifu->fu_via_if.name[sizeof(ifu->fu_via_if.name) - 1] = '\0'; - for (q = ifu->fu_via_if.name; - *q && !isdigit(*q) && *q != '*'; q++) - continue; - ifu->fu_via_if.unit = (*q == '*') ? -1 : atoi(q); - *q = '\0'; - verify_interface(ifu); - } else if (!inet_aton(arg, &ifu->fu_via_ip)) { - show_usage("bad ip address ``%s''", arg); - } else - *byname = 0; -} - -#ifdef DUMMYNET -static void -config_pipe(int ac, char **av) -{ - struct dn_pipe pipe; - int i; - char *end; - - memset(&pipe, 0, sizeof pipe); - - av++; ac--; - /* Pipe number */ - if (ac && isdigit(**av)) { - i = atoi(*av); av++; ac--; - if (do_pipe == 1) - pipe.pipe_nr = i; - else - pipe.fs.fs_nr = i; - } - while (ac > 1) { - if (!strncmp(*av, "plr", strlen(*av))) { - - double d = strtod(av[1], NULL); - if (d > 1) - d = 1; - else if (d < 0) - d = 0; - pipe.fs.plr = (int)(d*0x7fffffff); - av+=2; ac-=2; - } else if (!strncmp(*av, "queue", strlen(*av))) { - end = NULL; - pipe.fs.qsize = strtoul(av[1], &end, 0); - if (*end == 'K' || *end == 'k') { - pipe.fs.flags_fs |= DN_QSIZE_IS_BYTES; - pipe.fs.qsize *= 1024; - } else if (*end == 'B' || !strncmp(end, "by", 2)) { - pipe.fs.flags_fs |= DN_QSIZE_IS_BYTES; - } - av+=2; ac-=2; - } else if (!strncmp(*av, "buckets", strlen(*av))) { - pipe.fs.rq_size = strtoul(av[1], NULL, 0); - av+=2; ac-=2; - } else if (!strncmp(*av, "mask", strlen(*av))) { - /* per-flow queue, mask is dst_ip, dst_port, - * src_ip, src_port, proto measured in bits - */ - u_int32_t a; - u_int32_t *par = NULL; - - pipe.fs.flow_mask.dst_ip = 0; - pipe.fs.flow_mask.src_ip = 0; - pipe.fs.flow_mask.dst_port = 0; - pipe.fs.flow_mask.src_port = 0; - pipe.fs.flow_mask.proto = 0; - end = NULL; - av++; ac--; - if (ac >= 1 && !strncmp(*av, "all", strlen(*av))) { - /* special case -- all bits are significant */ - pipe.fs.flow_mask.dst_ip = ~0; - pipe.fs.flow_mask.src_ip = ~0; - pipe.fs.flow_mask.dst_port = ~0; - pipe.fs.flow_mask.src_port = ~0; - pipe.fs.flow_mask.proto = ~0; - pipe.fs.flags_fs |= DN_HAVE_FLOW_MASK; - av++; ac--; - } else { - for (;;) { - if (ac < 1) - break; - if (!strncmp(*av, "dst-ip", strlen(*av))) - par = &(pipe.fs.flow_mask.dst_ip); - else if (!strncmp(*av, "src-ip", strlen(*av))) - par = &(pipe.fs.flow_mask.src_ip); - else if (!strncmp(*av, "dst-port", strlen(*av))) - (u_int16_t *)par = &(pipe.fs.flow_mask.dst_port); - else if (!strncmp(*av, "src-port", strlen(*av))) - (u_int16_t *)par = &(pipe.fs.flow_mask.src_port); - else if (!strncmp(*av, "proto", strlen(*av))) - (u_int8_t *)par = &(pipe.fs.flow_mask.proto); - else - break; - if (ac < 2) - show_usage("mask: %s value missing", *av); - if (*av[1] == '/') { - a = strtoul(av[1]+1, &end, 0); - if (a == 32) /* special case... */ - a = ~0; - else - a = (1 << a) - 1; - fprintf(stderr, " mask is 0x%08x\n", a); - } else - a = strtoul(av[1], &end, 0); - if ((u_int16_t *)par == &(pipe.fs.flow_mask.src_port) || - (u_int16_t *)par == &(pipe.fs.flow_mask.dst_port)) { - if (a >= (1<<16)) - show_usage("mask: %s must be 16 bit, not 0x%08x", - *av, a); - *((u_int16_t *)par) = (u_int16_t) a; - } else if ((u_int8_t *)par == &(pipe.fs.flow_mask.proto)) { - if (a >= (1<<8)) - show_usage("mask: %s must be 8 bit, not 0x%08x", - *av, a); - *((u_int8_t *)par) = (u_int8_t) a; - } else - *par = a; - if (a != 0) - pipe.fs.flags_fs |= DN_HAVE_FLOW_MASK; - av += 2; ac -= 2; - } /* end for */ - } - } else if (!strncmp(*av, "red", strlen(*av)) || - !strncmp(*av, "gred", strlen(*av))) { /* RED enabled */ - pipe.fs.flags_fs |= DN_IS_RED; - if (*av[0] == 'g') - pipe.fs.flags_fs |= DN_IS_GENTLE_RED; - if ((end = strsep(&av[1],"/"))) { - double w_q = strtod(end, NULL); - if (w_q > 1 || w_q <= 0) - show_usage("w_q %f must be 0 < x <= 1", w_q); - pipe.fs.w_q = (int) (w_q * (1 << SCALE_RED)); - } - if ((end = strsep(&av[1],"/"))) { - pipe.fs.min_th = strtoul(end, &end, 0); - if (*end == 'K' || *end == 'k') - pipe.fs.min_th *= 1024; - } - if ((end = strsep(&av[1],"/"))) { - pipe.fs.max_th = strtoul(end, &end, 0); - if (*end == 'K' || *end == 'k') - pipe.fs.max_th *= 1024; - } - if ((end = strsep(&av[1],"/"))) { - double max_p = strtod(end, NULL); - if (max_p > 1 || max_p <= 0) - show_usage("max_p %f must be 0 < x <= 1", max_p); - pipe.fs.max_p = (int) (max_p * (1 << SCALE_RED)); - } - av+=2; ac-=2; - } else if (!strncmp(*av, "droptail", strlen(*av))) { /* DROPTAIL */ - pipe.fs.flags_fs &= ~(DN_IS_RED|DN_IS_GENTLE_RED); - av+=1; ac-=1; - } else { - if (do_pipe == 1) { - /* some commands are only good for pipes. */ - if (!strncmp(*av, "bw", strlen(*av)) || - ! strncmp(*av, "bandwidth", strlen(*av))) { - if (av[1][0] >= 'a' && av[1][0] <= 'z') { - int l = sizeof(pipe.if_name)-1; - /* interface name */ - strncpy(pipe.if_name, av[1], l); - pipe.if_name[l] = '\0'; - pipe.bandwidth = 0; - } else { - pipe.if_name[0] = '\0'; - pipe.bandwidth = strtoul(av[1], &end, 0); - if (*end == 'K' || *end == 'k') - end++, pipe.bandwidth *= 1000; - else if (*end == 'M') - end++, pipe.bandwidth *= 1000000; - if (*end == 'B' || !strncmp(end, "by", 2)) - pipe.bandwidth *= 8; - } - av+=2; ac-=2; - } else if (!strncmp(*av, "delay", strlen(*av))) { - pipe.delay = strtoul(av[1], NULL, 0); - av+=2; ac-=2; - } else - show_usage("unrecognised pipe option ``%s''", *av); - } else { /* this refers to a queue */ - if (!strncmp(*av, "weight", strlen(*av))) { - pipe.fs.weight = strtoul(av[1], &end, 0); - av += 2; - ac -= 2; - } else if (!strncmp(*av, "pipe", strlen(*av))) { - pipe.fs.parent_nr = strtoul(av[1], &end, 0); - av += 2; - ac -= 2; - } else - show_usage("unrecognised option ``%s''", *av); - } - } - } - if (do_pipe == 1) { - if (pipe.pipe_nr == 0) - show_usage("pipe_nr %d must be > 0", pipe.pipe_nr); - if (pipe.delay > 10000) - show_usage("delay %d must be < 10000", pipe.delay); - } else { /* do_pipe == 2, queue */ - if (pipe.fs.parent_nr == 0) - show_usage("pipe %d must be > 0", pipe.fs.parent_nr); - if (pipe.fs.weight >100) - show_usage("weight %d must be <= 100", pipe.fs.weight); - } - if (pipe.fs.flags_fs & DN_QSIZE_IS_BYTES) { - if (pipe.fs.qsize > 1024*1024) - show_usage("queue size %d, must be < 1MB", - pipe.fs.qsize); - } else { - if (pipe.fs.qsize > 100) - show_usage("queue size %d, must be 2 <= x <= 100", - pipe.fs.qsize); - } - if (pipe.fs.flags_fs & DN_IS_RED) { - if (pipe.fs.min_th >= pipe.fs.max_th) - show_usage("min_th %d must be < than max_th %d", - pipe.fs.min_th, pipe.fs.max_th); - if (pipe.fs.max_th == 0) - show_usage("max_th must be > 0"); - if (pipe.bandwidth) { - size_t len; - int lookup_depth, avg_pkt_size; - double s, idle, weight, w_q; - struct clockinfo clock; - int t; - - len = sizeof(int); - if (sysctlbyname("net.inet.ip.dummynet.red_lookup_depth", - &lookup_depth, &len, NULL, 0) == -1) - - errx(1, "sysctlbyname(\"%s\")", - "net.inet.ip.dummynet.red_lookup_depth"); - if (lookup_depth == 0) - show_usage("net.inet.ip.dummynet.red_lookup_depth must" - "greater than zero"); - - len = sizeof(int); - if (sysctlbyname("net.inet.ip.dummynet.red_avg_pkt_size", - &avg_pkt_size, &len, NULL, 0) == -1) - - errx(1, "sysctlbyname(\"%s\")", - "net.inet.ip.dummynet.red_avg_pkt_size"); - if (avg_pkt_size == 0) - show_usage("net.inet.ip.dummynet.red_avg_pkt_size must" - "greater than zero"); - - len = sizeof(struct clockinfo); - if (sysctlbyname("kern.clockrate", - &clock, &len, NULL, 0) == -1) - errx(1, "sysctlbyname(\"%s\")", "kern.clockrate"); - - /* ticks needed for sending a medium-sized packet */ - s = clock.hz * avg_pkt_size * 8 / pipe.bandwidth; - - /* - * max idle time (in ticks) before avg queue size becomes 0. - * NOTA: (3/w_q) is approx the value x so that - * (1-w_q)^x < 10^-3. - */ - w_q = ((double) pipe.fs.w_q) / (1 << SCALE_RED); - idle = s * 3. / w_q; - pipe.fs.lookup_step = (int) idle / lookup_depth; - if (!pipe.fs.lookup_step) - pipe.fs.lookup_step = 1; - weight = 1 - w_q; - for (t = pipe.fs.lookup_step; t > 0; --t) - weight *= weight; - pipe.fs.lookup_weight = (int) (weight * (1 << SCALE_RED)); - } - } -#if 0 - printf("configuring pipe %d bw %d delay %d size %d\n", - pipe.pipe_nr, pipe.bandwidth, pipe.delay, pipe.queue_size); -#endif - i = setsockopt(s,IPPROTO_IP, IP_DUMMYNET_CONFIGURE, &pipe, sizeof pipe); - if (i) - err(1, "setsockopt(%s)", "IP_DUMMYNET_CONFIGURE"); - -} -#endif /* DUMMYNET */ - -static void -add(ac, av) - int ac; - char **av; -{ - struct ip_fw rule; - int i; - u_char proto; - struct protoent *pe; - int saw_xmrc = 0, saw_via = 0; - - memset(&rule, 0, sizeof rule); - rule.version = IP_FW_CURRENT_API_VERSION; - - av++; ac--; - - /* Rule number */ - if (ac && isdigit(**av)) { - rule.fw_number = atoi(*av); av++; ac--; - } - - /* Action */ - if (ac > 1 && !strncmp(*av, "prob", strlen(*av))) { - double d = strtod(av[1], NULL); - if (d <= 0 || d > 1) - show_usage("illegal match prob. %s", av[1]); - if (d != 1) { /* 1 means always match */ - rule.fw_flg |= IP_FW_F_RND_MATCH; - /* we really store dont_match probability */ - (long)rule.pipe_ptr = (long)((1 - d) * 0x7fffffff); - } - av += 2; ac -= 2; - } - - if (ac == 0) - show_usage("missing action"); - if (!strncmp(*av, "accept", strlen(*av)) - || !strncmp(*av, "pass" ,strlen(*av)) - || !strncmp(*av, "allow", strlen(*av)) - || !strncmp(*av, "permit", strlen(*av))) { - rule.fw_flg |= IP_FW_F_ACCEPT; av++; ac--; - } else if (!strncmp(*av, "count", strlen(*av))) { - rule.fw_flg |= IP_FW_F_COUNT; av++; ac--; - } - #ifdef DUMMYNET - else if (!strncmp(*av, "pipe", strlen(*av))) { - rule.fw_flg |= IP_FW_F_PIPE; av++; ac--; - if (!ac) - show_usage("missing pipe number"); - rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; - } else if (!strncmp(*av, "queue", strlen(*av))) { - rule.fw_flg |= IP_FW_F_QUEUE; av++; ac--; - if (!ac) - show_usage("missing queue number"); - rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; - } - #endif /* DUMMYNET */ - else if (!strncmp(*av, "divert", strlen(*av))) { - rule.fw_flg |= IP_FW_F_DIVERT; av++; ac--; - if (!ac) - show_usage("missing %s port", "divert"); - rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; - if (rule.fw_divert_port == 0) { - struct servent *s; - setservent(1); - s = getservbyname(av[-1], "divert"); - if (s != NULL) - rule.fw_divert_port = ntohs(s->s_port); - else - show_usage("illegal %s port", "divert"); - } - } else if (!strncmp(*av, "tee", strlen(*av))) { - rule.fw_flg |= IP_FW_F_TEE; av++; ac--; - if (!ac) - show_usage("missing %s port", "tee divert"); - rule.fw_divert_port = strtoul(*av, NULL, 0); av++; ac--; - if (rule.fw_divert_port == 0) { - struct servent *s; - setservent(1); - s = getservbyname(av[-1], "divert"); - if (s != NULL) - rule.fw_divert_port = ntohs(s->s_port); - else - show_usage("illegal %s port", "tee divert"); - } - } else if (!strncmp(*av, "fwd", strlen(*av)) || - !strncmp(*av, "forward", strlen(*av))) { - struct in_addr dummyip; - char *pp; - rule.fw_flg |= IP_FW_F_FWD; av++; ac--; - if (!ac) - show_usage("missing forwarding IP address"); - rule.fw_fwd_ip.sin_len = sizeof(struct sockaddr_in); - rule.fw_fwd_ip.sin_family = AF_INET; - rule.fw_fwd_ip.sin_port = 0; - pp = strchr(*av, ':'); - if(pp == NULL) - pp = strchr(*av, ','); - if(pp != NULL) - { - *(pp++) = '\0'; - i = lookup_port(pp, 0, 1, 0); - if (i == -1) - show_usage("illegal forwarding port ``%s''", pp); - else - rule.fw_fwd_ip.sin_port = (u_short)i; - } - fill_ip(&(rule.fw_fwd_ip.sin_addr), &dummyip, &ac, &av); - if (rule.fw_fwd_ip.sin_addr.s_addr == 0) - show_usage("illegal forwarding IP address"); - - } else if (!strncmp(*av, "skipto", strlen(*av))) { - rule.fw_flg |= IP_FW_F_SKIPTO; av++; ac--; - if (!ac) - show_usage("missing skipto rule number"); - rule.fw_skipto_rule = strtoul(*av, NULL, 0); av++; ac--; - } else if ((!strncmp(*av, "deny", strlen(*av)) - || !strncmp(*av, "drop", strlen(*av)))) { - rule.fw_flg |= IP_FW_F_DENY; av++; ac--; - } else if (!strncmp(*av, "reject", strlen(*av))) { - rule.fw_flg |= IP_FW_F_REJECT; av++; ac--; - rule.fw_reject_code = ICMP_UNREACH_HOST; - } else if (!strncmp(*av, "reset", strlen(*av))) { - rule.fw_flg |= IP_FW_F_REJECT; av++; ac--; - rule.fw_reject_code = IP_FW_REJECT_RST; /* check TCP later */ - } else if (!strncmp(*av, "unreach", strlen(*av))) { - rule.fw_flg |= IP_FW_F_REJECT; av++; ac--; - fill_reject_code(&rule.fw_reject_code, *av); av++; ac--; - } else if (!strncmp(*av, "check-state", strlen(*av))) { - rule.fw_flg |= IP_FW_F_CHECK_S; av++; ac--; - goto done; - } else { - show_usage("invalid action ``%s''", *av); - } - - /* [log] */ - if (ac && !strncmp(*av, "log", strlen(*av))) { - rule.fw_flg |= IP_FW_F_PRN; av++; ac--; - } - if (ac && !strncmp(*av, "logamount", strlen(*av))) { - if (!(rule.fw_flg & IP_FW_F_PRN)) - show_usage("``logamount'' not valid without ``log''"); - ac--; av++; - if (!ac) - show_usage("``logamount'' requires argument"); - rule.fw_logamount = atoi(*av); - if (rule.fw_logamount < 0) - show_usage("``logamount'' argument must be positive"); - if (rule.fw_logamount == 0) - rule.fw_logamount = -1; - ac--; av++; - } - - /* protocol */ - if (ac == 0) - show_usage("missing protocol"); - if ((proto = atoi(*av)) > 0) { - rule.fw_prot = proto; av++; ac--; - } else if (!strncmp(*av, "all", strlen(*av))) { - rule.fw_prot = IPPROTO_IP; av++; ac--; - } else if ((pe = getprotobyname(*av)) != NULL) { - rule.fw_prot = pe->p_proto; av++; ac--; - } else { - show_usage("invalid protocol ``%s''", *av); - } - - if (rule.fw_prot != IPPROTO_TCP - && (rule.fw_flg & IP_FW_F_COMMAND) == IP_FW_F_REJECT - && rule.fw_reject_code == IP_FW_REJECT_RST) - show_usage("``reset'' is only valid for tcp packets"); - - /* from */ - if (ac && !strncmp(*av, "from", strlen(*av))) { av++; ac--; } - else - show_usage("missing ``from''"); - - if (ac && !strncmp(*av, "not", strlen(*av))) { - rule.fw_flg |= IP_FW_F_INVSRC; - av++; ac--; - } - if (!ac) - show_usage("missing arguments"); - - if (ac && !strncmp(*av, "me", strlen(*av))) { - rule.fw_flg |= IP_FW_F_SME; - av++; ac--; - } else { - fill_ip(&rule.fw_src, &rule.fw_smsk, &ac, &av); - } - - if (ac && (isdigit(**av) || lookup_port(*av, rule.fw_prot, 1, 1) >= 0)) { - u_short nports = 0; - int retval; - - retval = fill_port(&nports, rule.fw_uar.fw_pts, 0, *av, rule.fw_prot); - if (retval == 1) - rule.fw_flg |= IP_FW_F_SRNG; - else if (retval == 2) - rule.fw_flg |= IP_FW_F_SMSK; - IP_FW_SETNSRCP(&rule, nports); - av++; ac--; - } - - /* to */ - if (ac && !strncmp(*av, "to", strlen(*av))) { av++; ac--; } - else - show_usage("missing ``to''"); - - if (ac && !strncmp(*av, "not", strlen(*av))) { - rule.fw_flg |= IP_FW_F_INVDST; - av++; ac--; - } - if (!ac) - show_usage("missing arguments"); - - if (ac && !strncmp(*av, "me", strlen(*av))) { - rule.fw_flg |= IP_FW_F_DME; - av++; ac--; - } else { - fill_ip(&rule.fw_dst, &rule.fw_dmsk, &ac, &av); - } - - if (ac && (isdigit(**av) || lookup_port(*av, rule.fw_prot, 1, 1) >= 0)) { - u_short nports = 0; - int retval; - - retval = fill_port(&nports, - rule.fw_uar.fw_pts, IP_FW_GETNSRCP(&rule), *av, rule.fw_prot); - if (retval == 1) - rule.fw_flg |= IP_FW_F_DRNG; - else if (retval == 2) - rule.fw_flg |= IP_FW_F_DMSK; - IP_FW_SETNDSTP(&rule, nports); - av++; ac--; - } - - if ((rule.fw_prot != IPPROTO_TCP) && (rule.fw_prot != IPPROTO_UDP) - && (IP_FW_GETNSRCP(&rule) || IP_FW_GETNDSTP(&rule))) { - show_usage("only TCP and UDP protocols are valid" - " with port specifications"); - } - - while (ac) { - if (!strncmp(*av, "uid", strlen(*av))) { - struct passwd *pwd; - char *end; - uid_t uid; - - rule.fw_flg |= IP_FW_F_UID; - ac--; av++; - if (!ac) - show_usage("``uid'' requires argument"); - - uid = strtoul(*av, &end, 0); - if (*end == '\0') - pwd = getpwuid(uid); - else - pwd = getpwnam(*av); - if (pwd == NULL) - show_usage("uid \"%s\" is nonexistant", *av); - rule.fw_uid = pwd->pw_uid; - ac--; av++; - continue; - } - if (!strncmp(*av, "in", strlen(*av))) { - rule.fw_flg |= IP_FW_F_IN; - av++; ac--; continue; - } - if (!strncmp(*av, "keep-state", strlen(*av))) { - u_long type; - rule.fw_flg |= IP_FW_F_KEEP_S; - - av++; ac--; - if (ac > 0 && (type = atoi(*av)) != 0) { - (int)rule.next_rule_ptr = type; - av++; ac--; - } - continue; - } - if (!strncmp(*av, "bridged", strlen(*av))) { - rule.fw_flg |= IP_FW_BRIDGED; - av++; ac--; continue; - } - if (!strncmp(*av, "out", strlen(*av))) { - rule.fw_flg |= IP_FW_F_OUT; - av++; ac--; continue; - } - if (ac && !strncmp(*av, "xmit", strlen(*av))) { - union ip_fw_if ifu; - int byname; - - if (saw_via) { -badviacombo: - show_usage("``via'' is incompatible" - " with ``xmit'' and ``recv''"); - } - saw_xmrc = 1; - av++; ac--; - fill_iface("xmit", &ifu, &byname, ac, *av); - rule.fw_out_if = ifu; - rule.fw_flg |= IP_FW_F_OIFACE; - if (byname) - rule.fw_flg |= IP_FW_F_OIFNAME; - av++; ac--; continue; - } - if (ac && !strncmp(*av, "recv", strlen(*av))) { - union ip_fw_if ifu; - int byname; - - if (saw_via) - goto badviacombo; - saw_xmrc = 1; - av++; ac--; - fill_iface("recv", &ifu, &byname, ac, *av); - rule.fw_in_if = ifu; - rule.fw_flg |= IP_FW_F_IIFACE; - if (byname) - rule.fw_flg |= IP_FW_F_IIFNAME; - av++; ac--; continue; - } - if (ac && !strncmp(*av, "via", strlen(*av))) { - union ip_fw_if ifu; - int byname = 0; - - if (saw_xmrc) - goto badviacombo; - saw_via = 1; - av++; ac--; - fill_iface("via", &ifu, &byname, ac, *av); - rule.fw_out_if = rule.fw_in_if = ifu; - if (byname) - rule.fw_flg |= - (IP_FW_F_IIFNAME | IP_FW_F_OIFNAME); - av++; ac--; continue; - } - if (!strncmp(*av, "fragment", strlen(*av))) { - rule.fw_flg |= IP_FW_F_FRAG; - av++; ac--; continue; - } - if (!strncmp(*av, "ipoptions", strlen(*av))) { - av++; ac--; - if (!ac) - show_usage("missing argument" - " for ``ipoptions''"); - fill_ipopt(&rule.fw_ipopt, &rule.fw_ipnopt, av); - av++; ac--; continue; - } - if (rule.fw_prot == IPPROTO_TCP) { - if (!strncmp(*av, "established", strlen(*av))) { - rule.fw_ipflg |= IP_FW_IF_TCPEST; - av++; ac--; continue; - } - if (!strncmp(*av, "setup", strlen(*av))) { - rule.fw_tcpf |= IP_FW_TCPF_SYN; - rule.fw_tcpnf |= IP_FW_TCPF_ACK; - av++; ac--; continue; - } - if (!strncmp(*av, "tcpflags", strlen(*av)) || - !strncmp(*av, "tcpflgs", strlen(*av))) { - av++; ac--; - if (!ac) - show_usage("missing argument" - " for ``tcpflags''"); - fill_tcpflag(&rule.fw_tcpf, &rule.fw_tcpnf, av); - av++; ac--; continue; - } - if (!strncmp(*av, "tcpoptions", strlen(*av)) || - !strncmp(*av, "tcpopts", strlen(*av))) { - av++; ac--; - if (!ac) - show_usage("missing argument" - " for ``tcpoptions''"); - fill_tcpopts(&rule.fw_tcpopt, &rule.fw_tcpnopt, av); - av++; ac--; continue; - } - } - if (rule.fw_prot == IPPROTO_ICMP) { - if (!strncmp(*av, "icmptypes", strlen(*av))) { - av++; ac--; - if (!ac) - show_usage("missing argument" - " for ``icmptypes''"); - fill_icmptypes(rule.fw_uar.fw_icmptypes, - av, &rule.fw_flg); - av++; ac--; continue; - } - } - show_usage("unknown argument ``%s''", *av); - } - - /* No direction specified -> do both directions */ - if (!(rule.fw_flg & (IP_FW_F_OUT|IP_FW_F_IN))) - rule.fw_flg |= (IP_FW_F_OUT|IP_FW_F_IN); - - /* Sanity check interface check, but handle "via" case separately */ - if (saw_via) { - if (rule.fw_flg & IP_FW_F_IN) - rule.fw_flg |= IP_FW_F_IIFACE; - if (rule.fw_flg & IP_FW_F_OUT) - rule.fw_flg |= IP_FW_F_OIFACE; - } else if ((rule.fw_flg & IP_FW_F_OIFACE) && (rule.fw_flg & IP_FW_F_IN)) - show_usage("can't check xmit interface of incoming packets"); - - /* frag may not be used in conjunction with ports or TCP flags */ - if (rule.fw_flg & IP_FW_F_FRAG) { - if (rule.fw_tcpf || rule.fw_tcpnf) - show_usage("can't mix 'frag' and tcpflags"); - - if (rule.fw_nports) - show_usage("can't mix 'frag' and port specifications"); - } - if (rule.fw_flg & IP_FW_F_PRN) { - if (!rule.fw_logamount) { - size_t len = sizeof(int); - - if (sysctlbyname("net.inet.ip.fw.verbose_limit", - &rule.fw_logamount, &len, NULL, 0) == -1) - errx(1, "sysctlbyname(\"%s\")", - "net.inet.ip.fw.verbose_limit"); - } else if (rule.fw_logamount == -1) - rule.fw_logamount = 0; - rule.fw_loghighest = rule.fw_logamount; - } -done: - i = sizeof(rule); - if (getsockopt(s, IPPROTO_IP, IP_FW_ADD, &rule, &i) == -1) - err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); - if (!do_quiet) - show_ipfw(&rule, 10, 10); -} - -static void -zero (ac, av) - int ac; - char **av; -{ - struct ip_fw rule; - memset(&rule, 0, sizeof rule); - rule.version = IP_FW_CURRENT_API_VERSION; - - av++; ac--; - - if (!ac) { - /* clear all entries */ - if (setsockopt(s, IPPROTO_IP, IP_FW_ZERO, &rule, sizeof rule) < 0) - err(EX_UNAVAILABLE, "setsockopt(%s)", "IP_FW_ZERO"); - if (!do_quiet) - printf("Accounting cleared.\n"); - } else { - int failed = EX_OK; - - while (ac) { - /* Rule number */ - if (isdigit(**av)) { - rule.fw_number = atoi(*av); av++; ac--; - if (setsockopt(s, IPPROTO_IP, - IP_FW_ZERO, &rule, sizeof rule)) { - warn("rule %u: setsockopt(%s)", rule.fw_number, - "IP_FW_ZERO"); - failed = EX_UNAVAILABLE; - } - else if (!do_quiet) - printf("Entry %d cleared\n", - rule.fw_number); - } else - show_usage("invalid rule number ``%s''", *av); - } - if (failed != EX_OK) - exit(failed); - } -} - -static void -resetlog (ac, av) - int ac; - char **av; -{ - struct ip_fw rule; - memset(&rule, 0, sizeof rule); - rule.version = IP_FW_CURRENT_API_VERSION; - - av++; ac--; - - if (!ac) { - /* clear all entries */ - if (setsockopt(s, IPPROTO_IP, IP_FW_RESETLOG, &rule, sizeof rule) < 0) - err(EX_UNAVAILABLE, "setsockopt(%s)", "IP_FW_RESETLOG"); - if (!do_quiet) - printf("Logging counts reset.\n"); - } else { - int failed = EX_OK; - - while (ac) { - /* Rule number */ - if (isdigit(**av)) { - rule.fw_number = atoi(*av); av++; ac--; - if (setsockopt(s, IPPROTO_IP, - IP_FW_RESETLOG, &rule, sizeof rule)) { - warn("rule %u: setsockopt(%s)", rule.fw_number, - "IP_FW_RESETLOG"); - failed = EX_UNAVAILABLE; - } - else if (!do_quiet) - printf("Entry %d logging count reset\n", - rule.fw_number); - } else - show_usage("invalid rule number ``%s''", *av); - } - if (failed != EX_OK) - exit(failed); - } -} - -static int -ipfw_main(ac, av) - int ac; - char **av; -{ - - int ch; - - if (ac == 1) { - show_usage(NULL); - } - - /* Set the force flag for non-interactive processes */ - do_force = !isatty(STDIN_FILENO); - - optind = optreset = 1; - while ((ch = getopt(ac, av, "s:afqtvN")) != -1) - switch(ch) { - case 's': /* sort */ - do_sort= atoi(optarg); - break; - case 'a': - do_acct = 1; - break; - case 'f': - do_force = 1; - break; - case 'q': - do_quiet = 1; - break; - case 't': - do_time = 1; - break; - case 'v': /* verbose */ - verbose++; - break; - case 'N': - do_resolv = 1; - break; - default: - show_usage(NULL); - } - - ac -= optind; - if (*(av+=optind)==NULL) { - show_usage("bad arguments"); - } - - #ifdef DUMMYNET - if (!strncmp(*av, "pipe", strlen(*av))) { - do_pipe = 1; - ac--; - av++; - } else if (!strncmp(*av, "queue", strlen(*av))) { - do_pipe = 2; - ac--; - av++; - } - if (!ac) { - show_usage("pipe requires arguments"); - } - #endif /* DUMMYNET */ - - /* allow argument swapping */ - if (ac > 1 && *av[0] >= '0' && *av[0] <= '9') { - char *p = av[0]; - av[0] = av[1]; - av[1] = p; - } - if (!strncmp(*av, "add", strlen(*av))) { - add(ac, av); - } - #ifdef DUMMYNET - else if (do_pipe && !strncmp(*av, "config", strlen(*av))) { - config_pipe(ac, av); - } - #endif /* DUMMYNET */ - else if (!strncmp(*av, "delete", strlen(*av))) { - delete(ac, av); - } else if (!strncmp(*av, "flush", strlen(*av))) { - int do_flush = 0; - - if (do_force || do_quiet) - do_flush = 1; - else { - int c; - - /* Ask the user */ - printf("Are you sure? [yn] "); - fflush(stdout); - do { - c = toupper(getc(stdin)); - while (c != '\n' && getc(stdin) != '\n') - if (feof(stdin)) - return (0); - } while (c != 'Y' && c != 'N'); - printf("\n"); - if (c == 'Y') - do_flush = 1; - } - if (do_flush) { - int error = 0; - - #ifdef DUMMYNET - if (do_pipe) - { - error = setsockopt(s, IPPROTO_IP, IP_DUMMYNET_FLUSH, NULL, 0); - } - else - #endif /* DUMMYNET */ - { - struct ip_fw rule; - memset(&rule, 0, sizeof rule); - rule.version = IP_FW_CURRENT_API_VERSION; - error = setsockopt(s, IPPROTO_IP, IP_FW_FLUSH, &rule, sizeof rule); - } - - if (error < 0) - #ifdef DUMMYNET - err(EX_UNAVAILABLE, "setsockopt(IP_%s_FLUSH)", - do_pipe ? "DUMMYNET" : "FW"); - #else /* DUMMYNET */ - err(EX_UNAVAILABLE, "setsockopt(IP_FW_FLUSH)"); - #endif /* DUMMYNET */ - if (!do_quiet) - #ifdef DUMMYNET - printf("Flushed all %s.\n", - do_pipe ? "pipes" : "rules"); - #else /* DUMMYNET */ - printf("Flushed all rules.\n"); - #endif /* DUMMYNET */ - } - } else if (!strncmp(*av, "zero", strlen(*av))) { - zero(ac, av); - } else if (!strncmp(*av, "resetlog", strlen(*av))) { - resetlog(ac, av); - } else if (!strncmp(*av, "print", strlen(*av))) { - list(--ac, ++av); - } else if (!strncmp(*av, "list", strlen(*av))) { - list(--ac, ++av); - } else if (!strncmp(*av, "show", strlen(*av))) { - do_acct++; - list(--ac, ++av); - } else { - show_usage("bad arguments"); - } - return 0; -} - -int -main(ac, av) - int ac; - char **av; -{ -#define MAX_ARGS 32 -#define WHITESP " \t\f\v\n\r" - char buf[BUFSIZ]; - char *a, *p, *args[MAX_ARGS], *cmd = NULL; - char linename[10]; - int i, c, lineno, qflag, pflag, status; - FILE *f = NULL; - pid_t preproc = 0; - - s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); - if (s < 0) - err(EX_UNAVAILABLE, "socket"); - - setbuf(stdout, 0); - - /* - * this is a nasty check on the last argument!!! - * If there happens to be a filename matching a keyword in the current - * directory, things will fail miserably. - */ - - if (ac > 1 && av[ac - 1][0] == '/' && access(av[ac - 1], R_OK) == 0) { - qflag = pflag = i = 0; - lineno = 0; - - while ((c = getopt(ac, av, "D:U:p:q")) != -1) - switch(c) { - case 'D': - if (!pflag) - errx(EX_USAGE, "-D requires -p"); - if (i > MAX_ARGS - 2) - errx(EX_USAGE, - "too many -D or -U options"); - args[i++] = "-D"; - args[i++] = optarg; - break; - - case 'U': - if (!pflag) - errx(EX_USAGE, "-U requires -p"); - if (i > MAX_ARGS - 2) - errx(EX_USAGE, - "too many -D or -U options"); - args[i++] = "-U"; - args[i++] = optarg; - break; - - case 'p': - pflag = 1; - cmd = optarg; - args[0] = cmd; - i = 1; - break; - - case 'q': - qflag = 1; - break; - - default: - show_usage(NULL); - } - - av += optind; - ac -= optind; - if (ac != 1) - show_usage("extraneous filename arguments"); - - if ((f = fopen(av[0], "r")) == NULL) - err(EX_UNAVAILABLE, "fopen: %s", av[0]); - - if (pflag) { - /* pipe through preprocessor (cpp or m4) */ - int pipedes[2]; - - args[i] = 0; - - if (pipe(pipedes) == -1) - err(EX_OSERR, "cannot create pipe"); - - switch((preproc = fork())) { - case -1: - err(EX_OSERR, "cannot fork"); - - case 0: - /* child */ - if (dup2(fileno(f), 0) == -1 - || dup2(pipedes[1], 1) == -1) - err(EX_OSERR, "dup2()"); - fclose(f); - close(pipedes[1]); - close(pipedes[0]); - execvp(cmd, args); - err(EX_OSERR, "execvp(%s) failed", cmd); - - default: - /* parent */ - fclose(f); - close(pipedes[1]); - if ((f = fdopen(pipedes[0], "r")) == NULL) { - int savederrno = errno; - - (void)kill(preproc, SIGTERM); - errno = savederrno; - err(EX_OSERR, "fdopen()"); - } - } - } - - while (fgets(buf, BUFSIZ, f)) { - lineno++; - sprintf(linename, "Line %d", lineno); - args[0] = linename; - - if (*buf == '#') - continue; - if ((p = strchr(buf, '#')) != NULL) - *p = '\0'; - i = 1; - if (qflag) - args[i++] = "-q"; - for (a = strtok(buf, WHITESP); - a && i < MAX_ARGS; a = strtok(NULL, WHITESP), i++) - args[i] = a; - if (i == (qflag? 2: 1)) - continue; - if (i == MAX_ARGS) - errx(EX_USAGE, "%s: too many arguments", - linename); - args[i] = NULL; - - ipfw_main(i, args); - } - fclose(f); - if (pflag) { - if (waitpid(preproc, &status, 0) == -1) - errx(EX_OSERR, "waitpid()"); - if (WIFEXITED(status) && WEXITSTATUS(status) != EX_OK) - errx(EX_UNAVAILABLE, - "preprocessor exited with status %d", - WEXITSTATUS(status)); - else if (WIFSIGNALED(status)) - errx(EX_UNAVAILABLE, - "preprocessor exited with signal %d", - WTERMSIG(status)); - } - } else { - ipfw_main(ac, av); - } - return EX_OK; -} diff --git a/ipfw.tproj/ipfw2.c b/ipfw.tproj/ipfw2.c new file mode 100644 index 0000000..dcf7543 --- /dev/null +++ b/ipfw.tproj/ipfw2.c @@ -0,0 +1,4034 @@ +/* + * Copyright (c) 2002 Apple Computer, Inc. All rights reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ +/* + * Copyright (c) 2002-2003 Luigi Rizzo + * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp + * Copyright (c) 1994 Ugen J.S.Antsilevich + * + * Idea and grammar partially left from: + * Copyright (c) 1993 Daniel Boulet + * + * Redistribution and use in source forms, with and without modification, + * are permitted provided that this entire comment appears intact. + * + * Redistribution in binary form may occur without any restrictions. + * Obviously, it would be nice if you gave credit where credit is due + * but requiring it would be too onerous. + * + * This software is provided ``AS IS'' without any warranties of any kind. + * + * NEW command line interface for IP firewall facility + * + * $FreeBSD: /repoman/r/ncvs/src/sbin/ipfw/ipfw2.c,v 1.4.2.18 2003/09/15 10:27:03 luigi Exp $ + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#define IPFW2 +#include +#undef IPFW2 +#include /* def. of struct route */ +#include +#include +#include + +int + do_resolv, /* Would try to resolve all */ + do_time, /* Show time stamps */ + do_quiet, /* Be quiet in add and flush */ + do_pipe, /* this cmd refers to a pipe */ + do_sort, /* field to sort results (0 = no) */ + do_dynamic, /* display dynamic rules */ + do_expired, /* display expired dynamic rules */ + do_compact, /* show rules in compact mode */ + show_sets, /* display rule sets */ + test_only, /* only check syntax */ + verbose; + +#define IP_MASK_ALL 0xffffffff + +/* + * _s_x is a structure that stores a string <-> token pairs, used in + * various places in the parser. Entries are stored in arrays, + * with an entry with s=NULL as terminator. + * The search routines are match_token() and match_value(). + * Often, an element with x=0 contains an error string. + * + */ +struct _s_x { + char const *s; + int x; +}; + +static struct _s_x f_tcpflags[] = { + { "syn", TH_SYN }, + { "fin", TH_FIN }, + { "ack", TH_ACK }, + { "psh", TH_PUSH }, + { "rst", TH_RST }, + { "urg", TH_URG }, + { "tcp flag", 0 }, + { NULL, 0 } +}; + +static struct _s_x f_tcpopts[] = { + { "mss", IP_FW_TCPOPT_MSS }, + { "maxseg", IP_FW_TCPOPT_MSS }, + { "window", IP_FW_TCPOPT_WINDOW }, + { "sack", IP_FW_TCPOPT_SACK }, + { "ts", IP_FW_TCPOPT_TS }, + { "timestamp", IP_FW_TCPOPT_TS }, + { "cc", IP_FW_TCPOPT_CC }, + { "tcp option", 0 }, + { NULL, 0 } +}; + +/* + * IP options span the range 0 to 255 so we need to remap them + * (though in fact only the low 5 bits are significant). + */ +static struct _s_x f_ipopts[] = { + { "ssrr", IP_FW_IPOPT_SSRR}, + { "lsrr", IP_FW_IPOPT_LSRR}, + { "rr", IP_FW_IPOPT_RR}, + { "ts", IP_FW_IPOPT_TS}, + { "ip option", 0 }, + { NULL, 0 } +}; + +static struct _s_x f_iptos[] = { + { "lowdelay", IPTOS_LOWDELAY}, + { "throughput", IPTOS_THROUGHPUT}, + { "reliability", IPTOS_RELIABILITY}, + { "mincost", IPTOS_MINCOST}, + { "congestion", IPTOS_CE}, + { "ecntransport", IPTOS_ECT}, + { "ip tos option", 0}, + { NULL, 0 } +}; + +static struct _s_x limit_masks[] = { + {"all", DYN_SRC_ADDR|DYN_SRC_PORT|DYN_DST_ADDR|DYN_DST_PORT}, + {"src-addr", DYN_SRC_ADDR}, + {"src-port", DYN_SRC_PORT}, + {"dst-addr", DYN_DST_ADDR}, + {"dst-port", DYN_DST_PORT}, + {NULL, 0} +}; + +/* + * we use IPPROTO_ETHERTYPE as a fake protocol id to call the print routines + * This is only used in this code. + */ +#define IPPROTO_ETHERTYPE 0x1000 +static struct _s_x ether_types[] = { + /* + * Note, we cannot use "-:&/" in the names because they are field + * separators in the type specifications. Also, we use s = NULL as + * end-delimiter, because a type of 0 can be legal. + */ + { "ip", 0x0800 }, + { "ipv4", 0x0800 }, + { "ipv6", 0x86dd }, + { "arp", 0x0806 }, + { "rarp", 0x8035 }, + { "vlan", 0x8100 }, + { "loop", 0x9000 }, + { "trail", 0x1000 }, + { "at", 0x809b }, + { "atalk", 0x809b }, + { "aarp", 0x80f3 }, + { "pppoe_disc", 0x8863 }, + { "pppoe_sess", 0x8864 }, + { "ipx_8022", 0x00E0 }, + { "ipx_8023", 0x0000 }, + { "ipx_ii", 0x8137 }, + { "ipx_snap", 0x8137 }, + { "ipx", 0x8137 }, + { "ns", 0x0600 }, + { NULL, 0 } +}; + +static void show_usage(void); + +enum tokens { + TOK_NULL=0, + + TOK_OR, + TOK_NOT, + TOK_STARTBRACE, + TOK_ENDBRACE, + + TOK_ACCEPT, + TOK_COUNT, + TOK_PIPE, + TOK_QUEUE, + TOK_DIVERT, + TOK_TEE, + TOK_FORWARD, + TOK_SKIPTO, + TOK_DENY, + TOK_REJECT, + TOK_RESET, + TOK_UNREACH, + TOK_CHECKSTATE, + + TOK_UID, + TOK_GID, + TOK_IN, + TOK_LIMIT, + TOK_KEEPSTATE, + TOK_LAYER2, + TOK_OUT, + TOK_XMIT, + TOK_RECV, + TOK_VIA, + TOK_FRAG, + TOK_IPOPTS, + TOK_IPLEN, + TOK_IPID, + TOK_IPPRECEDENCE, + TOK_IPTOS, + TOK_IPTTL, + TOK_IPVER, + TOK_ESTAB, + TOK_SETUP, + TOK_TCPFLAGS, + TOK_TCPOPTS, + TOK_TCPSEQ, + TOK_TCPACK, + TOK_TCPWIN, + TOK_ICMPTYPES, + TOK_MAC, + TOK_MACTYPE, + TOK_VERREVPATH, + TOK_IPSEC, + TOK_COMMENT, + + TOK_PLR, + TOK_NOERROR, + TOK_BUCKETS, + TOK_DSTIP, + TOK_SRCIP, + TOK_DSTPORT, + TOK_SRCPORT, + TOK_ALL, + TOK_MASK, + TOK_BW, + TOK_DELAY, + TOK_RED, + TOK_GRED, + TOK_DROPTAIL, + TOK_PROTO, + TOK_WEIGHT, +}; + +struct _s_x dummynet_params[] = { + { "plr", TOK_PLR }, + { "noerror", TOK_NOERROR }, + { "buckets", TOK_BUCKETS }, + { "dst-ip", TOK_DSTIP }, + { "src-ip", TOK_SRCIP }, + { "dst-port", TOK_DSTPORT }, + { "src-port", TOK_SRCPORT }, + { "proto", TOK_PROTO }, + { "weight", TOK_WEIGHT }, + { "all", TOK_ALL }, + { "mask", TOK_MASK }, + { "droptail", TOK_DROPTAIL }, + { "red", TOK_RED }, + { "gred", TOK_GRED }, + { "bw", TOK_BW }, + { "bandwidth", TOK_BW }, + { "delay", TOK_DELAY }, + { "pipe", TOK_PIPE }, + { "queue", TOK_QUEUE }, + { "dummynet-params", TOK_NULL }, + { NULL, 0 } /* terminator */ +}; + +struct _s_x rule_actions[] = { + { "accept", TOK_ACCEPT }, + { "pass", TOK_ACCEPT }, + { "allow", TOK_ACCEPT }, + { "permit", TOK_ACCEPT }, + { "count", TOK_COUNT }, + { "pipe", TOK_PIPE }, + { "queue", TOK_QUEUE }, + { "divert", TOK_DIVERT }, + { "tee", TOK_TEE }, + { "fwd", TOK_FORWARD }, + { "forward", TOK_FORWARD }, + { "skipto", TOK_SKIPTO }, + { "deny", TOK_DENY }, + { "drop", TOK_DENY }, + { "reject", TOK_REJECT }, + { "reset", TOK_RESET }, + { "unreach", TOK_UNREACH }, + { "check-state", TOK_CHECKSTATE }, + { "//", TOK_COMMENT }, + { NULL, 0 } /* terminator */ +}; + +struct _s_x rule_options[] = { + { "uid", TOK_UID }, + { "gid", TOK_GID }, + { "in", TOK_IN }, + { "limit", TOK_LIMIT }, + { "keep-state", TOK_KEEPSTATE }, + { "bridged", TOK_LAYER2 }, + { "layer2", TOK_LAYER2 }, + { "out", TOK_OUT }, + { "xmit", TOK_XMIT }, + { "recv", TOK_RECV }, + { "via", TOK_VIA }, + { "fragment", TOK_FRAG }, + { "frag", TOK_FRAG }, + { "ipoptions", TOK_IPOPTS }, + { "ipopts", TOK_IPOPTS }, + { "iplen", TOK_IPLEN }, + { "ipid", TOK_IPID }, + { "ipprecedence", TOK_IPPRECEDENCE }, + { "iptos", TOK_IPTOS }, + { "ipttl", TOK_IPTTL }, + { "ipversion", TOK_IPVER }, + { "ipver", TOK_IPVER }, + { "estab", TOK_ESTAB }, + { "established", TOK_ESTAB }, + { "setup", TOK_SETUP }, + { "tcpflags", TOK_TCPFLAGS }, + { "tcpflgs", TOK_TCPFLAGS }, + { "tcpoptions", TOK_TCPOPTS }, + { "tcpopts", TOK_TCPOPTS }, + { "tcpseq", TOK_TCPSEQ }, + { "tcpack", TOK_TCPACK }, + { "tcpwin", TOK_TCPWIN }, + { "icmptype", TOK_ICMPTYPES }, + { "icmptypes", TOK_ICMPTYPES }, + { "dst-ip", TOK_DSTIP }, + { "src-ip", TOK_SRCIP }, + { "dst-port", TOK_DSTPORT }, + { "src-port", TOK_SRCPORT }, + { "proto", TOK_PROTO }, + { "MAC", TOK_MAC }, + { "mac", TOK_MAC }, + { "mac-type", TOK_MACTYPE }, + { "verrevpath", TOK_VERREVPATH }, + { "ipsec", TOK_IPSEC }, + { "//", TOK_COMMENT }, + + { "not", TOK_NOT }, /* pseudo option */ + { "!", /* escape ? */ TOK_NOT }, /* pseudo option */ + { "or", TOK_OR }, /* pseudo option */ + { "|", /* escape */ TOK_OR }, /* pseudo option */ + { "{", TOK_STARTBRACE }, /* pseudo option */ + { "(", TOK_STARTBRACE }, /* pseudo option */ + { "}", TOK_ENDBRACE }, /* pseudo option */ + { ")", TOK_ENDBRACE }, /* pseudo option */ + { NULL, 0 } /* terminator */ +}; + +static __inline uint64_t +align_uint64(uint64_t *pll) { + uint64_t ret; + + bcopy (pll, &ret, sizeof(ret)); + return ret; +}; + +/* + * conditionally runs the command. + */ +static int +do_cmd(int optname, void *optval, uintptr_t optlen) +{ + static int s = -1; /* the socket */ + int i; + + if (test_only) + return 0; + + if (s == -1) + s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); + if (s < 0) + err(EX_UNAVAILABLE, "socket"); + + switch (optname) { + case IP_FW_GET: + case IP_FW_FLUSH: + case IP_FW_ADD: + case IP_FW_DEL: + case IP_FW_ZERO: + case IP_FW_RESETLOG: + ((struct ip_fw *)optval)->version = IP_FW_CURRENT_API_VERSION; + default: + break; + } + + if (optname == IP_FW_GET || optname == IP_DUMMYNET_GET || + optname == IP_FW_ADD) + i = getsockopt(s, IPPROTO_IP, optname, optval, + (socklen_t *)optlen); + else + i = setsockopt(s, IPPROTO_IP, optname, optval, optlen); + return i; +} + +/** + * match_token takes a table and a string, returns the value associated + * with the string (-1 in case of failure). + */ +static int +match_token(struct _s_x *table, char *string) +{ + struct _s_x *pt; + uint i = strlen(string); + + for (pt = table ; i && pt->s != NULL ; pt++) + if (strlen(pt->s) == i && !bcmp(string, pt->s, i)) + return pt->x; + return -1; +}; + +/** + * match_value takes a table and a value, returns the string associated + * with the value (NULL in case of failure). + */ +static char const * +match_value(struct _s_x *p, int value) +{ + for (; p->s != NULL; p++) + if (p->x == value) + return p->s; + return NULL; +} + +/* + * prints one port, symbolic or numeric + */ +static void +print_port(int proto, uint16_t port) +{ + + if (proto == IPPROTO_ETHERTYPE) { + char const *s; + + if (do_resolv && (s = match_value(ether_types, port)) ) + printf("%s", s); + else + printf("0x%04x", port); + } else { + struct servent *se = NULL; + if (do_resolv) { + struct protoent *pe = getprotobynumber(proto); + + se = getservbyport(htons(port), pe ? pe->p_name : NULL); + } + if (se) + printf("%s", se->s_name); + else + printf("%d", port); + } +} + +struct _s_x _port_name[] = { + {"dst-port", O_IP_DSTPORT}, + {"src-port", O_IP_SRCPORT}, + {"ipid", O_IPID}, + {"iplen", O_IPLEN}, + {"ipttl", O_IPTTL}, + {"mac-type", O_MAC_TYPE}, + {NULL, 0} +}; + +/* + * Print the values in a list 16-bit items of the types above. + * XXX todo: add support for mask. + */ +static void +print_newports(ipfw_insn_u16 *cmd, int proto, int opcode) +{ + uint16_t *p = cmd->ports; + int i; + char const *sep; + + if (cmd->o.len & F_NOT) + printf(" not"); + if (opcode != 0) { + sep = match_value(_port_name, opcode); + if (sep == NULL) + sep = "???"; + printf (" %s", sep); + } + sep = " "; + for (i = F_LEN((ipfw_insn *)cmd) - 1; i > 0; i--, p += 2) { + printf(sep); + print_port(proto, p[0]); + if (p[0] != p[1]) { + printf("-"); + print_port(proto, p[1]); + } + sep = ","; + } +} + +/* + * Like strtol, but also translates service names into port numbers + * for some protocols. + * In particular: + * proto == -1 disables the protocol check; + * proto == IPPROTO_ETHERTYPE looks up an internal table + * proto == matches the values there. + * Returns *end == s in case the parameter is not found. + */ +static int +strtoport(char *s, char **end, int base, int proto) +{ + char *p, *buf; + char *s1; + int i; + + *end = s; /* default - not found */ + if (*s == '\0') + return 0; /* not found */ + + if (isdigit(*s)) + return strtol(s, end, base); + + /* + * find separator. '\\' escapes the next char. + */ + for (s1 = s; *s1 && (isalnum(*s1) || *s1 == '\\') ; s1++) + if (*s1 == '\\' && s1[1] != '\0') + s1++; + + buf = malloc(s1 - s + 1); + if (buf == NULL) + return 0; + + /* + * copy into a buffer skipping backslashes + */ + for (p = s, i = 0; p != s1 ; p++) + if (*p != '\\') + buf[i++] = *p; + buf[i++] = '\0'; + + if (proto == IPPROTO_ETHERTYPE) { + i = match_token(ether_types, buf); + free(buf); + if (i != -1) { /* found */ + *end = s1; + return i; + } + } else { + struct protoent *pe = NULL; + struct servent *se; + + if (proto != 0) + pe = getprotobynumber(proto); + setservent(1); + se = getservbyname(buf, pe ? pe->p_name : NULL); + free(buf); + if (se != NULL) { + *end = s1; + return ntohs(se->s_port); + } + } + return 0; /* not found */ +} + +/* + * Fill the body of the command with the list of port ranges. + */ +static int +fill_newports(ipfw_insn_u16 *cmd, char *av, int proto) +{ + uint16_t a, b, *p = cmd->ports; + int i = 0; + char *s = av; + + while (*s) { + a = strtoport(av, &s, 0, proto); + if (s == av) /* no parameter */ + break; + if (*s == '-') { /* a range */ + av = s+1; + b = strtoport(av, &s, 0, proto); + if (s == av) /* no parameter */ + break; + p[0] = a; + p[1] = b; + } else if (*s == ',' || *s == '\0' ) + p[0] = p[1] = a; + else /* invalid separator */ + errx(EX_DATAERR, "invalid separator <%c> in <%s>\n", + *s, av); + i++; + p += 2; + av = s+1; + } + if (i > 0) { + if (i+1 > F_LEN_MASK) + errx(EX_DATAERR, "too many ports/ranges\n"); + cmd->o.len |= i+1; /* leave F_NOT and F_OR untouched */ + } + return i; +} + +static struct _s_x icmpcodes[] = { + { "net", ICMP_UNREACH_NET }, + { "host", ICMP_UNREACH_HOST }, + { "protocol", ICMP_UNREACH_PROTOCOL }, + { "port", ICMP_UNREACH_PORT }, + { "needfrag", ICMP_UNREACH_NEEDFRAG }, + { "srcfail", ICMP_UNREACH_SRCFAIL }, + { "net-unknown", ICMP_UNREACH_NET_UNKNOWN }, + { "host-unknown", ICMP_UNREACH_HOST_UNKNOWN }, + { "isolated", ICMP_UNREACH_ISOLATED }, + { "net-prohib", ICMP_UNREACH_NET_PROHIB }, + { "host-prohib", ICMP_UNREACH_HOST_PROHIB }, + { "tosnet", ICMP_UNREACH_TOSNET }, + { "toshost", ICMP_UNREACH_TOSHOST }, + { "filter-prohib", ICMP_UNREACH_FILTER_PROHIB }, + { "host-precedence", ICMP_UNREACH_HOST_PRECEDENCE }, + { "precedence-cutoff", ICMP_UNREACH_PRECEDENCE_CUTOFF }, + { NULL, 0 } +}; + +static void +fill_reject_code(u_short *codep, char *str) +{ + int val; + char *s; + + val = strtoul(str, &s, 0); + if (s == str || *s != '\0' || val >= 0x100) + val = match_token(icmpcodes, str); + if (val < 0) + errx(EX_DATAERR, "unknown ICMP unreachable code ``%s''", str); + *codep = val; + return; +} + +static void +print_reject_code(uint16_t code) +{ + char const *s = match_value(icmpcodes, code); + + if (s != NULL) + printf("unreach %s", s); + else + printf("unreach %u", code); +} + +/* + * Returns the number of bits set (from left) in a contiguous bitmask, + * or -1 if the mask is not contiguous. + * XXX this needs a proper fix. + * This effectively works on masks in big-endian (network) format. + * when compiled on little endian architectures. + * + * First bit is bit 7 of the first byte -- note, for MAC addresses, + * the first bit on the wire is bit 0 of the first byte. + * len is the max length in bits. + */ +static int +contigmask(uint8_t *p, int len) +{ + int i, n; + + for (i=0; iarg1 & 0xff; + uint8_t clear = (cmd->arg1 >> 8) & 0xff; + + if (list == f_tcpflags && set == TH_SYN && clear == TH_ACK) { + printf(" setup"); + return; + } + + printf(" %s ", name); + for (i=0; list[i].x != 0; i++) { + if (set & list[i].x) { + set &= ~list[i].x; + printf("%s%s", comma, list[i].s); + comma = ","; + } + if (clear & list[i].x) { + clear &= ~list[i].x; + printf("%s!%s", comma, list[i].s); + comma = ","; + } + } +} + +/* + * Print the ip address contained in a command. + */ +static void +print_ip(ipfw_insn_ip *cmd, char const *s) +{ + struct hostent *he = NULL; + int len = F_LEN((ipfw_insn *)cmd); + uint32_t *a = ((ipfw_insn_u32 *)cmd)->d; + + printf("%s%s ", cmd->o.len & F_NOT ? " not": "", s); + + if (cmd->o.opcode == O_IP_SRC_ME || cmd->o.opcode == O_IP_DST_ME) { + printf("me"); + return; + } + if (cmd->o.opcode == O_IP_SRC_SET || cmd->o.opcode == O_IP_DST_SET) { + uint32_t x, *map = (uint32_t *)&(cmd->mask); + int i, j; + char comma = '{'; + + x = cmd->o.arg1 - 1; + x = htonl( ~x ); + cmd->addr.s_addr = htonl(cmd->addr.s_addr); + printf("%s/%d", inet_ntoa(cmd->addr), + contigmask((uint8_t *)&x, 32)); + x = cmd->addr.s_addr = htonl(cmd->addr.s_addr); + x &= 0xff; /* base */ + /* + * Print bits and ranges. + * Locate first bit set (i), then locate first bit unset (j). + * If we have 3+ consecutive bits set, then print them as a + * range, otherwise only print the initial bit and rescan. + */ + for (i=0; i < cmd->o.arg1; i++) + if (map[i/32] & (1<<(i & 31))) { + for (j=i+1; j < cmd->o.arg1; j++) + if (!(map[ j/32] & (1<<(j & 31)))) + break; + printf("%c%d", comma, i+x); + if (j>i+2) { /* range has at least 3 elements */ + printf("-%d", j-1+x); + i = j-1; + } + comma = ','; + } + printf("}"); + return; + } + /* + * len == 2 indicates a single IP, whereas lists of 1 or more + * addr/mask pairs have len = (2n+1). We convert len to n so we + * use that to count the number of entries. + */ + for (len = len / 2; len > 0; len--, a += 2) { + int mb = /* mask length */ + (cmd->o.opcode == O_IP_SRC || cmd->o.opcode == O_IP_DST) ? + 32 : contigmask((uint8_t *)&(a[1]), 32); + if (mb == 32 && do_resolv) + he = gethostbyaddr((char *)&(a[0]), sizeof(u_long), AF_INET); + if (he != NULL) /* resolved to name */ + printf("%s", he->h_name); + else if (mb == 0) /* any */ + printf("any"); + else { /* numeric IP followed by some kind of mask */ + printf("%s", inet_ntoa( *((struct in_addr *)&a[0]) ) ); + if (mb < 0) + printf(":%s", inet_ntoa( *((struct in_addr *)&a[1]) ) ); + else if (mb < 32) + printf("/%d", mb); + } + if (len > 1) + printf(","); + } +} + +/* + * prints a MAC address/mask pair + */ +static void +print_mac(uint8_t *addr, uint8_t *mask) +{ + int l = contigmask(mask, 48); + + if (l == 0) + printf(" any"); + else { + printf(" %02x:%02x:%02x:%02x:%02x:%02x", + addr[0], addr[1], addr[2], addr[3], addr[4], addr[5]); + if (l == -1) + printf("&%02x:%02x:%02x:%02x:%02x:%02x", + mask[0], mask[1], mask[2], + mask[3], mask[4], mask[5]); + else if (l < 48) + printf("/%d", l); + } +} + +static void +fill_icmptypes(ipfw_insn_u32 *cmd, char *av) +{ + uint8_t type; + + cmd->d[0] = 0; + while (*av) { + if (*av == ',') + av++; + + type = strtoul(av, &av, 0); + + if (*av != ',' && *av != '\0') + errx(EX_DATAERR, "invalid ICMP type"); + + if (type > 31) + errx(EX_DATAERR, "ICMP type out of range"); + + cmd->d[0] |= 1 << type; + } + cmd->o.opcode = O_ICMPTYPE; + cmd->o.len |= F_INSN_SIZE(ipfw_insn_u32); +} + +static void +print_icmptypes(ipfw_insn_u32 *cmd) +{ + int i; + char sep= ' '; + + printf(" icmptypes"); + for (i = 0; i < 32; i++) { + if ( (cmd->d[0] & (1 << (i))) == 0) + continue; + printf("%c%d", sep, i); + sep = ','; + } +} + +/* + * show_ipfw() prints the body of an ipfw rule. + * Because the standard rule has at least proto src_ip dst_ip, we use + * a helper function to produce these entries if not provided explicitly. + * The first argument is the list of fields we have, the second is + * the list of fields we want to be printed. + * + * Special cases if we have provided a MAC header: + * + if the rule does not contain IP addresses/ports, do not print them; + * + if the rule does not contain an IP proto, print "all" instead of "ip"; + * + * Once we have 'have_options', IP header fields are printed as options. + */ +#define HAVE_PROTO 0x0001 +#define HAVE_SRCIP 0x0002 +#define HAVE_DSTIP 0x0004 +#define HAVE_MAC 0x0008 +#define HAVE_MACTYPE 0x0010 +#define HAVE_OPTIONS 0x8000 + +#define HAVE_IP (HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP) +static void +show_prerequisites(int *flags, int want, int cmd) +{ + if ( (*flags & HAVE_IP) == HAVE_IP) + *flags |= HAVE_OPTIONS; + + if ( (*flags & (HAVE_MAC|HAVE_MACTYPE|HAVE_OPTIONS)) == HAVE_MAC && + cmd != O_MAC_TYPE) { + /* + * mac-type was optimized out by the compiler, + * restore it + */ + printf(" any"); + *flags |= HAVE_MACTYPE | HAVE_OPTIONS; + return; + } + if ( !(*flags & HAVE_OPTIONS)) { + if ( !(*flags & HAVE_PROTO) && (want & HAVE_PROTO)) + printf(" ip"); + if ( !(*flags & HAVE_SRCIP) && (want & HAVE_SRCIP)) + printf(" from any"); + if ( !(*flags & HAVE_DSTIP) && (want & HAVE_DSTIP)) + printf(" to any"); + } + *flags |= want; +} + +static void +show_ipfw(struct ip_fw *rule, int pcwidth, int bcwidth) +{ + static int twidth = 0; + int l; + ipfw_insn *cmd; + char *comment = NULL; /* ptr to comment if we have one */ + int proto = 0; /* default */ + int flags = 0; /* prerequisites */ + ipfw_insn_log *logptr = NULL; /* set if we find an O_LOG */ + int or_block = 0; /* we are in an or block */ + uint32_t set_disable; + + bcopy(&rule->next_rule, &set_disable, sizeof(set_disable)); + + if (set_disable & (1 << rule->set)) { /* disabled */ + if (!show_sets) + return; + else + printf("# DISABLED "); + } + printf("%05u ", rule->rulenum); + + if (pcwidth>0 || bcwidth>0) + printf("%*llu %*llu ", pcwidth, align_uint64(&rule->pcnt), + bcwidth, align_uint64(&rule->bcnt)); + + if (do_time == 2) + printf("%10u ", rule->timestamp); + else if (do_time == 1) { + char timestr[30]; + time_t t = (time_t)0; + + if (twidth == 0) { + strcpy(timestr, ctime(&t)); + *strchr(timestr, '\n') = '\0'; + twidth = strlen(timestr); + } + if (rule->timestamp) { +#if _FreeBSD_version < 500000 /* XXX check */ +#define _long_to_time(x) (time_t)(x) +#endif + t = _long_to_time(rule->timestamp); + + strcpy(timestr, ctime(&t)); + *strchr(timestr, '\n') = '\0'; + printf("%s ", timestr); + } else { + printf("%*s", twidth, " "); + } + } + + if (show_sets) + printf("set %d ", rule->set); + + /* + * print the optional "match probability" + */ + if (rule->cmd_len > 0) { + cmd = rule->cmd ; + if (cmd->opcode == O_PROB) { + ipfw_insn_u32 *p = (ipfw_insn_u32 *)cmd; + double d = 1.0 * p->d[0]; + + d = (d / 0x7fffffff); + printf("prob %f ", d); + } + } + + /* + * first print actions + */ + for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule); + l > 0 ; l -= F_LEN(cmd), cmd += F_LEN(cmd)) { + switch(cmd->opcode) { + case O_CHECK_STATE: + printf("check-state"); + flags = HAVE_IP; /* avoid printing anything else */ + break; + + case O_ACCEPT: + printf("allow"); + break; + + case O_COUNT: + printf("count"); + break; + + case O_DENY: + printf("deny"); + break; + + case O_REJECT: + if (cmd->arg1 == ICMP_REJECT_RST) + printf("reset"); + else if (cmd->arg1 == ICMP_UNREACH_HOST) + printf("reject"); + else + print_reject_code(cmd->arg1); + break; + + case O_SKIPTO: + printf("skipto %u", cmd->arg1); + break; + + case O_PIPE: + printf("pipe %u", cmd->arg1); + break; + + case O_QUEUE: + printf("queue %u", cmd->arg1); + break; + + case O_DIVERT: + printf("divert %u", cmd->arg1); + break; + + case O_TEE: + printf("tee %u", cmd->arg1); + break; + + case O_FORWARD_IP: + { + ipfw_insn_sa *s = (ipfw_insn_sa *)cmd; + + printf("fwd %s", inet_ntoa(s->sa.sin_addr)); + if (s->sa.sin_port) + printf(",%d", s->sa.sin_port); + } + break; + + case O_LOG: /* O_LOG is printed last */ + logptr = (ipfw_insn_log *)cmd; + break; + + default: + printf("** unrecognized action %d len %d", + cmd->opcode, cmd->len); + } + } + if (logptr) { + if (logptr->max_log > 0) + printf(" log logamount %d", logptr->max_log); + else + printf(" log"); + } + + /* + * then print the body. + */ + if (rule->_pad & 1) { /* empty rules before options */ + if (!do_compact) + printf(" ip from any to any"); + flags |= HAVE_IP | HAVE_OPTIONS; + } + + for (l = rule->act_ofs, cmd = rule->cmd ; + l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) { + /* useful alias */ + ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)cmd; + + show_prerequisites(&flags, 0, cmd->opcode); + + switch(cmd->opcode) { + case O_PROB: + break; /* done already */ + + case O_PROBE_STATE: + break; /* no need to print anything here */ + + case O_MACADDR2: { + ipfw_insn_mac *m = (ipfw_insn_mac *)cmd; + + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + if (cmd->len & F_NOT) + printf(" not"); + printf(" MAC"); + flags |= HAVE_MAC; + print_mac(m->addr, m->mask); + print_mac(m->addr + 6, m->mask + 6); + } + break; + + case O_MAC_TYPE: + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + print_newports((ipfw_insn_u16 *)cmd, IPPROTO_ETHERTYPE, + (flags & HAVE_OPTIONS) ? cmd->opcode : 0); + flags |= HAVE_MAC | HAVE_MACTYPE | HAVE_OPTIONS; + break; + + case O_IP_SRC: + case O_IP_SRC_MASK: + case O_IP_SRC_ME: + case O_IP_SRC_SET: + show_prerequisites(&flags, HAVE_PROTO, 0); + if (!(flags & HAVE_SRCIP)) + printf(" from"); + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + print_ip((ipfw_insn_ip *)cmd, + (flags & HAVE_OPTIONS) ? " src-ip" : ""); + flags |= HAVE_SRCIP; + break; + + case O_IP_DST: + case O_IP_DST_MASK: + case O_IP_DST_ME: + case O_IP_DST_SET: + show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0); + if (!(flags & HAVE_DSTIP)) + printf(" to"); + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + print_ip((ipfw_insn_ip *)cmd, + (flags & HAVE_OPTIONS) ? " dst-ip" : ""); + flags |= HAVE_DSTIP; + break; + + case O_IP_DSTPORT: + show_prerequisites(&flags, HAVE_IP, 0); + case O_IP_SRCPORT: + show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0); + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + print_newports((ipfw_insn_u16 *)cmd, proto, + (flags & HAVE_OPTIONS) ? cmd->opcode : 0); + break; + + case O_PROTO: { + struct protoent *pe; + + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + if (cmd->len & F_NOT) + printf(" not"); + proto = cmd->arg1; + pe = getprotobynumber(cmd->arg1); + if (flags & HAVE_OPTIONS) + printf(" proto"); + if (pe) + printf(" %s", pe->p_name); + else + printf(" %u", cmd->arg1); + } + flags |= HAVE_PROTO; + break; + + default: /*options ... */ + show_prerequisites(&flags, HAVE_IP | HAVE_OPTIONS, 0); + if ((cmd->len & F_OR) && !or_block) + printf(" {"); + if (cmd->len & F_NOT && cmd->opcode != O_IN) + printf(" not"); + switch(cmd->opcode) { + case O_FRAG: + printf(" frag"); + break; + + case O_IN: + printf(cmd->len & F_NOT ? " out" : " in"); + break; + + case O_LAYER2: + printf(" layer2"); + break; + case O_XMIT: + case O_RECV: + case O_VIA: { + char const *s; + ipfw_insn_if *cmdif = (ipfw_insn_if *)cmd; + + if (cmd->opcode == O_XMIT) + s = "xmit"; + else if (cmd->opcode == O_RECV) + s = "recv"; + else /* if (cmd->opcode == O_VIA) */ + s = "via"; + if (cmdif->name[0] == '\0') + printf(" %s %s", s, + inet_ntoa(cmdif->p.ip)); + else if (cmdif->p.unit == -1) + printf(" %s %s*", s, cmdif->name); + else + printf(" %s %s%d", s, cmdif->name, + cmdif->p.unit); + } + break; + + case O_IPID: + if (F_LEN(cmd) == 1) + printf(" ipid %u", cmd->arg1 ); + else + print_newports((ipfw_insn_u16 *)cmd, 0, + O_IPID); + break; + + case O_IPTTL: + if (F_LEN(cmd) == 1) + printf(" ipttl %u", cmd->arg1 ); + else + print_newports((ipfw_insn_u16 *)cmd, 0, + O_IPTTL); + break; + + case O_IPVER: + printf(" ipver %u", cmd->arg1 ); + break; + + case O_IPPRECEDENCE: + printf(" ipprecedence %u", (cmd->arg1) >> 5 ); + break; + + case O_IPLEN: + if (F_LEN(cmd) == 1) + printf(" iplen %u", cmd->arg1 ); + else + print_newports((ipfw_insn_u16 *)cmd, 0, + O_IPLEN); + break; + + case O_IPOPT: + print_flags("ipoptions", cmd, f_ipopts); + break; + + case O_IPTOS: + print_flags("iptos", cmd, f_iptos); + break; + + case O_ICMPTYPE: + print_icmptypes((ipfw_insn_u32 *)cmd); + break; + + case O_ESTAB: + printf(" established"); + break; + + case O_TCPFLAGS: + print_flags("tcpflags", cmd, f_tcpflags); + break; + + case O_TCPOPTS: + print_flags("tcpoptions", cmd, f_tcpopts); + break; + + case O_TCPWIN: + printf(" tcpwin %d", ntohs(cmd->arg1)); + break; + + case O_TCPACK: + printf(" tcpack %ld", ntohl(cmd32->d[0])); + break; + + case O_TCPSEQ: + printf(" tcpseq %ld", ntohl(cmd32->d[0])); + break; + + case O_UID: + { + struct passwd *pwd = getpwuid(cmd32->d[0]); + + if (pwd) + printf(" uid %s", pwd->pw_name); + else + printf(" uid %u", cmd32->d[0]); + } + break; + + case O_GID: + { + struct group *grp = getgrgid(cmd32->d[0]); + + if (grp) + printf(" gid %s", grp->gr_name); + else + printf(" gid %u", cmd32->d[0]); + } + break; + + case O_VERREVPATH: + printf(" verrevpath"); + break; + + case O_IPSEC: + printf(" ipsec"); + break; + + case O_NOP: + comment = (char *)(cmd + 1); + break; + + case O_KEEP_STATE: + printf(" keep-state"); + break; + + case O_LIMIT: + { + struct _s_x *p = limit_masks; + ipfw_insn_limit *c = (ipfw_insn_limit *)cmd; + uint8_t x = c->limit_mask; + char const *comma = " "; + + printf(" limit"); + for (; p->x != 0 ; p++) + if ((x & p->x) == p->x) { + x &= ~p->x; + printf("%s%s", comma, p->s); + comma = ","; + } + printf(" %d", c->conn_limit); + } + break; + + default: + printf(" [opcode %d len %d]", + cmd->opcode, cmd->len); + } + } + if (cmd->len & F_OR) { + printf(" or"); + or_block = 1; + } else if (or_block) { + printf(" }"); + or_block = 0; + } + } + show_prerequisites(&flags, HAVE_IP, 0); + if (comment) + printf(" // %s", comment); + printf("\n"); +} + +static void +show_dyn_ipfw(ipfw_dyn_rule *d, int pcwidth, int bcwidth) +{ + struct protoent *pe; + struct in_addr a; + uint16_t rulenum; + + if (!do_expired) { + if (!d->expire && !(d->dyn_type == O_LIMIT_PARENT)) + return; + } + bcopy(&d->rule, &rulenum, sizeof(rulenum)); + printf("%05d", rulenum); + if (pcwidth>0 || bcwidth>0) + printf(" %*llu %*llu (%ds)", pcwidth, + align_uint64(&d->pcnt), bcwidth, + align_uint64(&d->bcnt), d->expire); + switch (d->dyn_type) { + case O_LIMIT_PARENT: + printf(" PARENT %d", d->count); + break; + case O_LIMIT: + printf(" LIMIT"); + break; + case O_KEEP_STATE: /* bidir, no mask */ + printf(" STATE"); + break; + } + + if ((pe = getprotobynumber(d->id.proto)) != NULL) + printf(" %s", pe->p_name); + else + printf(" proto %u", d->id.proto); + + a.s_addr = htonl(d->id.src_ip); + printf(" %s %d", inet_ntoa(a), d->id.src_port); + + a.s_addr = htonl(d->id.dst_ip); + printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port); + printf("\n"); +} + +static int +sort_q(const void *pa, const void *pb) +{ + int rev = (do_sort < 0); + int field = rev ? -do_sort : do_sort; + long long res = 0; + const struct dn_flow_queue *a = pa; + const struct dn_flow_queue *b = pb; + + switch (field) { + case 1: /* pkts */ + res = a->len - b->len; + break; + case 2: /* bytes */ + res = a->len_bytes - b->len_bytes; + break; + + case 3: /* tot pkts */ + res = a->tot_pkts - b->tot_pkts; + break; + + case 4: /* tot bytes */ + res = a->tot_bytes - b->tot_bytes; + break; + } + if (res < 0) + res = -1; + if (res > 0) + res = 1; + return (int)(rev ? res : -res); +} + +static void +list_queues(struct dn_flow_set *fs, struct dn_flow_queue *q) +{ + int l; + + printf(" mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n", + fs->flow_mask.proto, + fs->flow_mask.src_ip, fs->flow_mask.src_port, + fs->flow_mask.dst_ip, fs->flow_mask.dst_port); + if (fs->rq_elements == 0) + return; + + printf("BKT Prot ___Source IP/port____ " + "____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp\n"); + if (do_sort != 0) + heapsort(q, fs->rq_elements, sizeof *q, sort_q); + for (l = 0; l < fs->rq_elements; l++) { + struct in_addr ina; + struct protoent *pe; + + ina.s_addr = htonl(q[l].id.src_ip); + printf("%3d ", q[l].hash_slot); + pe = getprotobynumber(q[l].id.proto); + if (pe) + printf("%-4s ", pe->p_name); + else + printf("%4u ", q[l].id.proto); + printf("%15s/%-5d ", + inet_ntoa(ina), q[l].id.src_port); + ina.s_addr = htonl(q[l].id.dst_ip); + printf("%15s/%-5d ", + inet_ntoa(ina), q[l].id.dst_port); + printf("%4qu %8qu %2u %4u %3u\n", + q[l].tot_pkts, q[l].tot_bytes, + q[l].len, q[l].len_bytes, q[l].drops); + if (verbose) + printf(" S %20qd F %20qd\n", + q[l].S, q[l].F); + } +} + +static void +print_flowset_parms(struct dn_flow_set *fs, char *prefix) +{ + int l; + char qs[30]; + char plr[30]; + char red[90]; /* Display RED parameters */ + + l = fs->qsize; + if (fs->flags_fs & DN_QSIZE_IS_BYTES) { + if (l >= 8192) + sprintf(qs, "%d KB", l / 1024); + else + sprintf(qs, "%d B", l); + } else + sprintf(qs, "%3d sl.", l); + if (fs->plr) + sprintf(plr, "plr %f", 1.0 * fs->plr / (double)(0x7fffffff)); + else + plr[0] = '\0'; + if (fs->flags_fs & DN_IS_RED) /* RED parameters */ + sprintf(red, + "\n\t %cRED w_q %f min_th %d max_th %d max_p %f", + (fs->flags_fs & DN_IS_GENTLE_RED) ? 'G' : ' ', + 1.0 * fs->w_q / (double)(1 << SCALE_RED), + SCALE_VAL(fs->min_th), + SCALE_VAL(fs->max_th), + 1.0 * fs->max_p / (double)(1 << SCALE_RED)); + else + sprintf(red, "droptail"); + + printf("%s %s%s %d queues (%d buckets) %s\n", + prefix, qs, plr, fs->rq_elements, fs->rq_size, red); +} + +static void +list_pipes(void *data, uint nbytes, int ac, char *av[]) +{ + int rulenum; + void *next = data; + struct dn_pipe *p = (struct dn_pipe *) data; + struct dn_flow_set *fs; + struct dn_flow_queue *q; + int l; + + if (ac > 0) + rulenum = strtoul(*av++, NULL, 10); + else + rulenum = 0; + for (; nbytes >= sizeof *p; p = (struct dn_pipe *)next) { + double b = p->bandwidth; + char buf[30]; + char prefix[80]; + + if (p->next != (struct dn_pipe *)DN_IS_PIPE) + break; /* done with pipes, now queues */ + + /* + * compute length, as pipe have variable size + */ + l = sizeof(*p) + p->fs.rq_elements * sizeof(*q); + next = (char *)p + l; + nbytes -= l; + + if (rulenum != 0 && rulenum != p->pipe_nr) + continue; + + /* + * Print rate (or clocking interface) + */ + if (p->if_name[0] != '\0') + sprintf(buf, "%s", p->if_name); + else if (b == 0) + sprintf(buf, "unlimited"); + else if (b >= 1000000) + sprintf(buf, "%7.3f Mbit/s", b/1000000); + else if (b >= 1000) + sprintf(buf, "%7.3f Kbit/s", b/1000); + else + sprintf(buf, "%7.3f bit/s ", b); + + sprintf(prefix, "%05d: %s %4d ms ", + p->pipe_nr, buf, p->delay); + print_flowset_parms(&(p->fs), prefix); + if (verbose) + printf(" V %20qd\n", p->V >> MY_M); + + q = (struct dn_flow_queue *)(p+1); + list_queues(&(p->fs), q); + } + for (fs = next; nbytes >= sizeof *fs; fs = next) { + char prefix[80]; + + if (fs->next != (struct dn_flow_set *)DN_IS_QUEUE) + break; + l = sizeof(*fs) + fs->rq_elements * sizeof(*q); + next = (char *)fs + l; + nbytes -= l; + q = (struct dn_flow_queue *)(fs+1); + sprintf(prefix, "q%05d: weight %d pipe %d ", + fs->fs_nr, fs->weight, fs->parent_nr); + print_flowset_parms(fs, prefix); + list_queues(fs, q); + } +} + +/* + * This one handles all set-related commands + * ipfw set { show | enable | disable } + * ipfw set swap X Y + * ipfw set move X to Y + * ipfw set move rule X to Y + */ +static void +sets_handler(int ac, char *av[]) +{ + uint32_t set_disable, masks[2]; + int i, nbytes; + uint16_t rulenum; + uint8_t cmd, new_set; + + ac--; + av++; + + if (!ac) + errx(EX_USAGE, "set needs command"); + if (!strncmp(*av, "show", strlen(*av)) ) { + void *data; + char const *msg; + + nbytes = sizeof(struct ip_fw); + if ((data = calloc(1, nbytes)) == NULL) + err(EX_OSERR, "calloc"); + + if (do_cmd(IP_FW_GET, data, (uintptr_t)&nbytes) < 0) + err(EX_OSERR, "getsockopt(IP_FW_GET)"); + bcopy(&((struct ip_fw *)data)->next_rule, + &set_disable, sizeof(set_disable)); + + for (i = 0, msg = "disable" ; i < RESVD_SET; i++) + if ((set_disable & (1< RESVD_SET) + errx(EX_DATAERR, "invalid set number %s\n", av[0]); + if (!isdigit(*(av[1])) || new_set > RESVD_SET) + errx(EX_DATAERR, "invalid set number %s\n", av[1]); + masks[0] = (4 << 24) | (new_set << 16) | (rulenum); + + bzero(&rule, sizeof(rule)); + rule.rulenum = masks[0]; + + i = do_cmd(IP_FW_DEL, &rule, sizeof(rule)); + } else if (!strncmp(*av, "move", strlen(*av))) { + struct ip_fw rule; + ac--; av++; + if (ac && !strncmp(*av, "rule", strlen(*av))) { + cmd = 2; + ac--; av++; + } else + cmd = 3; + if (ac != 3 || strncmp(av[1], "to", strlen(*av))) + errx(EX_USAGE, "syntax: set move [rule] X to Y\n"); + rulenum = atoi(av[0]); + new_set = atoi(av[2]); + if (!isdigit(*(av[0])) || (cmd == 3 && rulenum > RESVD_SET) || + (cmd == 2 && rulenum == 65535) ) + errx(EX_DATAERR, "invalid source number %s\n", av[0]); + if (!isdigit(*(av[2])) || new_set > RESVD_SET) + errx(EX_DATAERR, "invalid dest. set %s\n", av[1]); + masks[0] = (cmd << 24) | (new_set << 16) | (rulenum); + + bzero(&rule, sizeof(rule)); + rule.rulenum = masks[0]; + + i = do_cmd(IP_FW_DEL, &rule, sizeof(rule)); + } else if (!strncmp(*av, "disable", strlen(*av)) || + !strncmp(*av, "enable", strlen(*av)) ) { + int which = !strncmp(*av, "enable", strlen(*av)) ? 1 : 0; + struct ip_fw rule; + + ac--; av++; + masks[0] = masks[1] = 0; + + while (ac) { + if (isdigit(**av)) { + i = atoi(*av); + if (i < 0 || i > RESVD_SET) + errx(EX_DATAERR, + "invalid set number %d\n", i); + masks[which] |= (1<= nalloc) { + nalloc = nalloc * 2 + 200; + nbytes = nalloc; + if ((data = realloc(data, nbytes)) == NULL) + err(EX_OSERR, "realloc"); + + if (do_cmd(ocmd, data, (uintptr_t)&nbytes) < 0) + err(EX_OSERR, "getsockopt(IP_%s_GET)", + do_pipe ? "DUMMYNET" : "FW"); + } + + if (do_pipe) { + list_pipes(data, nbytes, ac, av); + goto done; + } + + /* + * Count static rules. They have variable size so we + * need to scan the list to count them. + */ + for (nstat = 1, r = data, lim = (char *)data + nbytes; + r->rulenum < 65535 && (char *)r < lim; + ++nstat, r = NEXT(r) ) + ; /* nothing */ + + /* + * Count dynamic rules. This is easier as they have + * fixed size. + */ + r = NEXT(r); + dynrules = (ipfw_dyn_rule *)r ; + n = (char *)r - (char *)data; + ndyn = (nbytes - n) / sizeof *dynrules; + + /* if showing stats, figure out column widths ahead of time */ + bcwidth = pcwidth = 0; + if (show_counters) { + for (n = 0, r = data; n < nstat; n++, r = NEXT(r)) { + /* packet counter */ + width = snprintf(NULL, 0, "%llu", + align_uint64(&r->pcnt)); + if (width > pcwidth) + pcwidth = width; + + /* byte counter */ + width = snprintf(NULL, 0, "%llu", + align_uint64(&r->bcnt)); + if (width > bcwidth) + bcwidth = width; + } + } + if (do_dynamic && ndyn) { + for (n = 0, d = dynrules; n < ndyn; n++, d++) { + width = snprintf(NULL, 0, "%llu", + align_uint64(&d->pcnt)); + if (width > pcwidth) + pcwidth = width; + + width = snprintf(NULL, 0, "%llu", + align_uint64(&d->bcnt)); + if (width > bcwidth) + bcwidth = width; + } + } + /* if no rule numbers were specified, list all rules */ + if (ac == 0) { + for (n = 0, r = data; n < nstat; n++, r = NEXT(r) ) + show_ipfw(r, pcwidth, bcwidth); + + if (do_dynamic && ndyn) { + printf("## Dynamic rules (%d):\n", ndyn); + for (n = 0, d = dynrules; n < ndyn; n++, d++) + show_dyn_ipfw(d, pcwidth, bcwidth); + } + goto done; + } + + /* display specific rules requested on command line */ + + for (lac = ac, lav = av; lac != 0; lac--) { + /* convert command line rule # */ + last = rnum = strtoul(*lav++, &endptr, 10); + if (*endptr == '-') + last = strtoul(endptr+1, &endptr, 10); + if (*endptr) { + exitval = EX_USAGE; + warnx("invalid rule number: %s", *(lav - 1)); + continue; + } + for (n = seen = 0, r = data; n < nstat; n++, r = NEXT(r) ) { + if (r->rulenum > last) + break; + if (r->rulenum >= rnum && r->rulenum <= last) { + show_ipfw(r, pcwidth, bcwidth); + seen = 1; + } + } + if (!seen) { + /* give precedence to other error(s) */ + if (exitval == EX_OK) + exitval = EX_UNAVAILABLE; + warnx("rule %lu does not exist", rnum); + } + } + + if (do_dynamic && ndyn) { + printf("## Dynamic rules:\n"); + for (lac = ac, lav = av; lac != 0; lac--) { + rnum = strtoul(*lav++, &endptr, 10); + if (*endptr == '-') + last = strtoul(endptr+1, &endptr, 10); + if (*endptr) + /* already warned */ + continue; + for (n = 0, d = dynrules; n < ndyn; n++, d++) { + uint16_t rulenum; + + bcopy(&d->rule, &rulenum, sizeof(rulenum)); + if (rulenum > rnum) + break; + if (r->rulenum >= rnum && r->rulenum <= last) + show_dyn_ipfw(d, pcwidth, bcwidth); + } + } + } + + ac = 0; + +done: + free(data); + + if (exitval != EX_OK) + exit(exitval); +#undef NEXT +} + +static void +show_usage(void) +{ + fprintf(stderr, "usage: ipfw [options]\n" +"do \"ipfw -h\" or see ipfw manpage for details\n" +); + exit(EX_USAGE); +} + +static void +help(void) +{ + fprintf(stderr, +"ipfw syntax summary (but please do read the ipfw(8) manpage):\n" +"ipfw [-acdeftTnNpqS] where is one of:\n" +"add [num] [set N] [prob x] RULE-BODY\n" +"{pipe|queue} N config PIPE-BODY\n" +"[pipe|queue] {zero|delete|show} [N{,N}]\n" +"set [disable N... enable N...] | move [rule] X to Y | swap X Y | show\n" +"\n" +"RULE-BODY: check-state [LOG] | ACTION [LOG] ADDR [OPTION_LIST]\n" +"ACTION: check-state | allow | count | deny | reject | skipto N |\n" +" {divert|tee} PORT | forward ADDR | pipe N | queue N\n" +"ADDR: [ MAC dst src ether_type ] \n" +" [ from IPADDR [ PORT ] to IPADDR [ PORTLIST ] ]\n" +"IPADDR: [not] { any | me | ip/bits{x,y,z} | IPLIST }\n" +"IPLIST: { ip | ip/bits | ip:mask }[,IPLIST]\n" +"OPTION_LIST: OPTION [OPTION_LIST]\n" +"OPTION: bridged | {dst-ip|src-ip} ADDR | {dst-port|src-port} LIST |\n" +" estab | frag | {gid|uid} N | icmptypes LIST | in | out | ipid LIST |\n" +" iplen LIST | ipoptions SPEC | ipprecedence | ipsec | iptos SPEC |\n" +" ipttl LIST | ipversion VER | keep-state | layer2 | limit ... |\n" +" mac ... | mac-type LIST | proto LIST | {recv|xmit|via} {IF|IPADDR} |\n" +" setup | {tcpack|tcpseq|tcpwin} NN | tcpflags SPEC | tcpoptions SPEC |\n" +" verrevpath\n" +); +exit(0); +} + + +static int +lookup_host (char *host, struct in_addr *ipaddr) +{ + struct hostent *he; + + if (!inet_aton(host, ipaddr)) { + if ((he = gethostbyname(host)) == NULL) + return(-1); + *ipaddr = *(struct in_addr *)he->h_addr_list[0]; + } + return(0); +} + +/* + * fills the addr and mask fields in the instruction as appropriate from av. + * Update length as appropriate. + * The following formats are allowed: + * any matches any IP. Actually returns an empty instruction. + * me returns O_IP_*_ME + * 1.2.3.4 single IP address + * 1.2.3.4:5.6.7.8 address:mask + * 1.2.3.4/24 address/mask + * 1.2.3.4/26{1,6,5,4,23} set of addresses in a subnet + * We can have multiple comma-separated address/mask entries. + */ +static void +fill_ip(ipfw_insn_ip *cmd, char *av) +{ + int len = 0; + uint32_t *d = ((ipfw_insn_u32 *)cmd)->d; + + cmd->o.len &= ~F_LEN_MASK; /* zero len */ + + if (!strncmp(av, "any", strlen(av))) + return; + + if (!strncmp(av, "me", strlen(av))) { + cmd->o.len |= F_INSN_SIZE(ipfw_insn); + return; + } + + while (av) { + /* + * After the address we can have '/' or ':' indicating a mask, + * ',' indicating another address follows, '{' indicating a + * set of addresses of unspecified size. + */ + char *p = strpbrk(av, "/:,{"); + int masklen; + char md; + + if (p) { + md = *p; + *p++ = '\0'; + } else + md = '\0'; + + if (lookup_host(av, (struct in_addr *)&d[0]) != 0) + errx(EX_NOHOST, "hostname ``%s'' unknown", av); + switch (md) { + case ':': + if (!inet_aton(p, (struct in_addr *)&d[1])) + errx(EX_DATAERR, "bad netmask ``%s''", p); + break; + case '/': + masklen = atoi(p); + if (masklen == 0) + d[1] = htonl(0); /* mask */ + else if (masklen > 32) + errx(EX_DATAERR, "bad width ``%s''", p); + else + d[1] = htonl(~0 << (32 - masklen)); + break; + case '{': /* no mask, assume /24 and put back the '{' */ + d[1] = htonl(~0 << (32 - 24)); + *(--p) = md; + break; + + case ',': /* single address plus continuation */ + *(--p) = md; + /* FALLTHROUGH */ + case 0: /* initialization value */ + default: + d[1] = htonl(~0); /* force /32 */ + break; + } + d[0] &= d[1]; /* mask base address with mask */ + /* find next separator */ + if (p) + p = strpbrk(p, ",{"); + if (p && *p == '{') { + /* + * We have a set of addresses. They are stored as follows: + * arg1 is the set size (powers of 2, 2..256) + * addr is the base address IN HOST FORMAT + * mask.. is an array of arg1 bits (rounded up to + * the next multiple of 32) with bits set + * for each host in the map. + */ + uint32_t *map = (uint32_t *)&cmd->mask; + int low, high; + int i = contigmask((uint8_t *)&(d[1]), 32); + + if (len > 0) + errx(EX_DATAERR, "address set cannot be in a list"); + if (i < 24 || i > 31) + errx(EX_DATAERR, "invalid set with mask %d\n", i); + cmd->o.arg1 = 1<<(32-i); /* map length */ + d[0] = ntohl(d[0]); /* base addr in host format */ + cmd->o.opcode = O_IP_DST_SET; /* default */ + cmd->o.len |= F_INSN_SIZE(ipfw_insn_u32) + (cmd->o.arg1+31)/32; + for (i = 0; i < (cmd->o.arg1+31)/32 ; i++) + map[i] = 0; /* clear map */ + + av = p + 1; + low = d[0] & 0xff; + high = low + cmd->o.arg1 - 1; + /* + * Here, i stores the previous value when we specify a range + * of addresses within a mask, e.g. 45-63. i = -1 means we + * have no previous value. + */ + i = -1; /* previous value in a range */ + while (isdigit(*av)) { + char *s; + int a = strtol(av, &s, 0); + + if (s == av) { /* no parameter */ + if (*av != '}') + errx(EX_DATAERR, "set not closed\n"); + if (i != -1) + errx(EX_DATAERR, "incomplete range %d-", i); + break; + } + if (a < low || a > high) + errx(EX_DATAERR, "addr %d out of range [%d-%d]\n", + a, low, high); + a -= low; + if (i == -1) /* no previous in range */ + i = a; + else { /* check that range is valid */ + if (i > a) + errx(EX_DATAERR, "invalid range %d-%d", + i+low, a+low); + if (*s == '-') + errx(EX_DATAERR, "double '-' in range"); + } + for (; i <= a; i++) + map[i/32] |= 1<<(i & 31); + i = -1; + if (*s == '-') + i = a; + else if (*s == '}') + break; + av = s+1; + } + return; + } + av = p; + if (av) /* then *av must be a ',' */ + av++; + + /* Check this entry */ + if (d[1] == 0) { /* "any", specified as x.x.x.x/0 */ + /* + * 'any' turns the entire list into a NOP. + * 'not any' never matches, so it is removed from the + * list unless it is the only item, in which case we + * report an error. + */ + if (cmd->o.len & F_NOT) { /* "not any" never matches */ + if (av == NULL && len == 0) /* only this entry */ + errx(EX_DATAERR, "not any never matches"); + } + /* else do nothing and return */ + return; + } + /* A single IP can be stored in an optimized format */ + if (d[1] == IP_MASK_ALL && av == NULL && len == 0) { + cmd->o.len |= F_INSN_SIZE(ipfw_insn_u32); + return; + } + len += 2; /* two words... */ + d += 2; + } /* end while */ + cmd->o.len |= len+1; +} + + +/* + * helper function to process a set of flags and set bits in the + * appropriate masks. + */ +static void +fill_flags(ipfw_insn *cmd, enum ipfw_opcodes opcode, + struct _s_x *flags, char *p) +{ + uint8_t set=0, clear=0; + + while (p && *p) { + char *q; /* points to the separator */ + int val; + uint8_t *which; /* mask we are working on */ + + if (*p == '!') { + p++; + which = &clear; + } else + which = &set; + q = strchr(p, ','); + if (q) + *q++ = '\0'; + val = match_token(flags, p); + if (val <= 0) + errx(EX_DATAERR, "invalid flag %s", p); + *which |= (uint8_t)val; + p = q; + } + cmd->opcode = opcode; + cmd->len = (cmd->len & (F_NOT | F_OR)) | 1; + cmd->arg1 = (set & 0xff) | ( (clear & 0xff) << 8); +} + + +static void +delete(int ac, char *av[]) +{ + struct ip_fw rule; + struct dn_pipe p; + int i; + int exitval = EX_OK; + int do_set = 0; + + memset(&p, 0, sizeof p); + + av++; ac--; + if (ac > 0 && !strncmp(*av, "set", strlen(*av))) { + do_set = 1; /* delete set */ + ac--; av++; + } + + /* Rule number */ + while (ac && isdigit(**av)) { + i = atoi(*av); av++; ac--; + if (do_pipe) { + if (do_pipe == 1) + p.pipe_nr = i; + else + p.fs.fs_nr = i; + i = do_cmd(IP_DUMMYNET_DEL, &p, sizeof p); + if (i) { + exitval = 1; + warn("rule %u: setsockopt(IP_DUMMYNET_DEL)", + do_pipe == 1 ? p.pipe_nr : p.fs.fs_nr); + } + } else { + bzero(&rule, sizeof(rule)); + rule.rulenum = (i & 0xffff) | (do_set << 24); + i = do_cmd(IP_FW_DEL, &rule, sizeof(rule)); + if (i) { + exitval = EX_UNAVAILABLE; + warn("rule %u: setsockopt(IP_FW_DEL)", + rule.rulenum); + } + } + } + if (exitval != EX_OK) + exit(exitval); +} + + +/* + * fill the interface structure. We do not check the name as we can + * create interfaces dynamically, so checking them at insert time + * makes relatively little sense. + * A '*' following the name means any unit. + */ +static void +fill_iface(ipfw_insn_if *cmd, char *arg) +{ + cmd->name[0] = '\0'; + cmd->o.len |= F_INSN_SIZE(ipfw_insn_if); + + /* Parse the interface or address */ + if (!strcmp(arg, "any")) + cmd->o.len = 0; /* effectively ignore this command */ + else if (!isdigit(*arg)) { + char *q; + + strncpy(cmd->name, arg, sizeof(cmd->name)); + cmd->name[sizeof(cmd->name) - 1] = '\0'; + /* find first digit or wildcard */ + for (q = cmd->name; *q && !isdigit(*q) && *q != '*'; q++) + continue; + cmd->p.unit = (*q == '*') ? -1 : atoi(q); + *q = '\0'; + } else if (!inet_aton(arg, &cmd->p.ip)) + errx(EX_DATAERR, "bad ip address ``%s''", arg); +} + +/* + * the following macro returns an error message if we run out of + * arguments. + */ +#define NEED1(msg) {if (!ac) errx(EX_USAGE, msg);} + +static void +config_pipe(int ac, char **av) +{ + struct dn_pipe p; + int i; + char *end; + uint32_t a; + void *par = NULL; + + memset(&p, 0, sizeof p); + + av++; ac--; + /* Pipe number */ + if (ac && isdigit(**av)) { + i = atoi(*av); av++; ac--; + if (do_pipe == 1) + p.pipe_nr = i; + else + p.fs.fs_nr = i; + } + while (ac > 0) { + double d; + int tok = match_token(dummynet_params, *av); + ac--; av++; + + switch(tok) { + case TOK_NOERROR: + p.fs.flags_fs |= DN_NOERROR; + break; + + case TOK_PLR: + NEED1("plr needs argument 0..1\n"); + d = strtod(av[0], NULL); + if (d > 1) + d = 1; + else if (d < 0) + d = 0; + p.fs.plr = (int)(d*0x7fffffff); + ac--; av++; + break; + + case TOK_QUEUE: + NEED1("queue needs queue size\n"); + end = NULL; + p.fs.qsize = strtoul(av[0], &end, 0); + if (*end == 'K' || *end == 'k') { + p.fs.flags_fs |= DN_QSIZE_IS_BYTES; + p.fs.qsize *= 1024; + } else if (*end == 'B' || !strncmp(end, "by", 2)) { + p.fs.flags_fs |= DN_QSIZE_IS_BYTES; + } + ac--; av++; + break; + + case TOK_BUCKETS: + NEED1("buckets needs argument\n"); + p.fs.rq_size = strtoul(av[0], NULL, 0); + ac--; av++; + break; + + case TOK_MASK: + NEED1("mask needs mask specifier\n"); + /* + * per-flow queue, mask is dst_ip, dst_port, + * src_ip, src_port, proto measured in bits + */ + par = NULL; + + p.fs.flow_mask.dst_ip = 0; + p.fs.flow_mask.src_ip = 0; + p.fs.flow_mask.dst_port = 0; + p.fs.flow_mask.src_port = 0; + p.fs.flow_mask.proto = 0; + end = NULL; + + while (ac >= 1) { + uint32_t *p32 = NULL; + uint16_t *p16 = NULL; + + tok = match_token(dummynet_params, *av); + ac--; av++; + switch(tok) { + case TOK_ALL: + /* + * special case, all bits significant + */ + p.fs.flow_mask.dst_ip = ~0; + p.fs.flow_mask.src_ip = ~0; + p.fs.flow_mask.dst_port = ~0; + p.fs.flow_mask.src_port = ~0; + p.fs.flow_mask.proto = ~0; + p.fs.flags_fs |= DN_HAVE_FLOW_MASK; + goto end_mask; + + case TOK_DSTIP: + p32 = &p.fs.flow_mask.dst_ip; + break; + + case TOK_SRCIP: + p32 = &p.fs.flow_mask.src_ip; + break; + + case TOK_DSTPORT: + p16 = &p.fs.flow_mask.dst_port; + break; + + case TOK_SRCPORT: + p16 = &p.fs.flow_mask.src_port; + break; + + case TOK_PROTO: + break; + + default: + ac++; av--; /* backtrack */ + goto end_mask; + } + if (ac < 1) + errx(EX_USAGE, "mask: value missing"); + if (*av[0] == '/') { + a = strtoul(av[0]+1, &end, 0); + a = (a == 32) ? ~0 : (1 << a) - 1; + } else + a = strtoul(av[0], &end, 0); + if (p32 != NULL) + *p32 = a; + else if (p16 != NULL) { + if (a > 65535) + errx(EX_DATAERR, + "mask: must be 16 bit"); + *p16 = (uint16_t)a; + } else { + if (a > 255) + errx(EX_DATAERR, + "mask: must be 8 bit"); + p.fs.flow_mask.proto = (uint8_t)a; + } + if (a != 0) + p.fs.flags_fs |= DN_HAVE_FLOW_MASK; + ac--; av++; + } /* end while, config masks */ +end_mask: + break; + + case TOK_RED: + case TOK_GRED: + NEED1("red/gred needs w_q/min_th/max_th/max_p\n"); + p.fs.flags_fs |= DN_IS_RED; + if (tok == TOK_GRED) + p.fs.flags_fs |= DN_IS_GENTLE_RED; + /* + * the format for parameters is w_q/min_th/max_th/max_p + */ + if ((end = strsep(&av[0], "/"))) { + double w_q = strtod(end, NULL); + if (w_q > 1 || w_q <= 0) + errx(EX_DATAERR, "0 < w_q <= 1"); + p.fs.w_q = (int) (w_q * (1 << SCALE_RED)); + } + if ((end = strsep(&av[0], "/"))) { + p.fs.min_th = strtoul(end, &end, 0); + if (*end == 'K' || *end == 'k') + p.fs.min_th *= 1024; + } + if ((end = strsep(&av[0], "/"))) { + p.fs.max_th = strtoul(end, &end, 0); + if (*end == 'K' || *end == 'k') + p.fs.max_th *= 1024; + } + if ((end = strsep(&av[0], "/"))) { + double max_p = strtod(end, NULL); + if (max_p > 1 || max_p <= 0) + errx(EX_DATAERR, "0 < max_p <= 1"); + p.fs.max_p = (int)(max_p * (1 << SCALE_RED)); + } + ac--; av++; + break; + + case TOK_DROPTAIL: + p.fs.flags_fs &= ~(DN_IS_RED|DN_IS_GENTLE_RED); + break; + + case TOK_BW: + NEED1("bw needs bandwidth or interface\n"); + if (do_pipe != 1) + errx(EX_DATAERR, "bandwidth only valid for pipes"); + /* + * set clocking interface or bandwidth value + */ + if (av[0][0] >= 'a' && av[0][0] <= 'z') { + int l = sizeof(p.if_name)-1; + /* interface name */ + strncpy(p.if_name, av[0], l); + p.if_name[l] = '\0'; + p.bandwidth = 0; + } else { + p.if_name[0] = '\0'; + p.bandwidth = strtoul(av[0], &end, 0); + if (*end == 'K' || *end == 'k') { + end++; + p.bandwidth *= 1000; + } else if (*end == 'M') { + end++; + p.bandwidth *= 1000000; + } + if (*end == 'B' || !strncmp(end, "by", 2)) + p.bandwidth *= 8; + if (p.bandwidth < 0) + errx(EX_DATAERR, "bandwidth too large"); + } + ac--; av++; + break; + + case TOK_DELAY: + if (do_pipe != 1) + errx(EX_DATAERR, "delay only valid for pipes"); + NEED1("delay needs argument 0..10000ms\n"); + p.delay = strtoul(av[0], NULL, 0); + ac--; av++; + break; + + case TOK_WEIGHT: + if (do_pipe == 1) + errx(EX_DATAERR,"weight only valid for queues"); + NEED1("weight needs argument 0..100\n"); + p.fs.weight = strtoul(av[0], &end, 0); + ac--; av++; + break; + + case TOK_PIPE: + if (do_pipe == 1) + errx(EX_DATAERR,"pipe only valid for queues"); + NEED1("pipe needs pipe_number\n"); + p.fs.parent_nr = strtoul(av[0], &end, 0); + ac--; av++; + break; + + default: + errx(EX_DATAERR, "unrecognised option ``%s''", *av); + } + } + if (do_pipe == 1) { + if (p.pipe_nr == 0) + errx(EX_DATAERR, "pipe_nr must be > 0"); + if (p.delay > 10000) + errx(EX_DATAERR, "delay must be < 10000"); + } else { /* do_pipe == 2, queue */ + if (p.fs.parent_nr == 0) + errx(EX_DATAERR, "pipe must be > 0"); + if (p.fs.weight >100) + errx(EX_DATAERR, "weight must be <= 100"); + } + if (p.fs.flags_fs & DN_QSIZE_IS_BYTES) { + if (p.fs.qsize > 1024*1024) + errx(EX_DATAERR, "queue size must be < 1MB"); + } else { + if (p.fs.qsize > 100) + errx(EX_DATAERR, "2 <= queue size <= 100"); + } + if (p.fs.flags_fs & DN_IS_RED) { + size_t len; + int lookup_depth, avg_pkt_size; + double s, idle, weight, w_q; + struct clockinfo ck; + int t; + + if (p.fs.min_th >= p.fs.max_th) + errx(EX_DATAERR, "min_th %d must be < than max_th %d", + p.fs.min_th, p.fs.max_th); + if (p.fs.max_th == 0) + errx(EX_DATAERR, "max_th must be > 0"); + + len = sizeof(int); + if (sysctlbyname("net.inet.ip.dummynet.red_lookup_depth", + &lookup_depth, &len, NULL, 0) == -1) + + errx(1, "sysctlbyname(\"%s\")", + "net.inet.ip.dummynet.red_lookup_depth"); + if (lookup_depth == 0) + errx(EX_DATAERR, "net.inet.ip.dummynet.red_lookup_depth" + " must be greater than zero"); + + len = sizeof(int); + if (sysctlbyname("net.inet.ip.dummynet.red_avg_pkt_size", + &avg_pkt_size, &len, NULL, 0) == -1) + + errx(1, "sysctlbyname(\"%s\")", + "net.inet.ip.dummynet.red_avg_pkt_size"); + if (avg_pkt_size == 0) + errx(EX_DATAERR, + "net.inet.ip.dummynet.red_avg_pkt_size must" + " be greater than zero"); + + len = sizeof(struct clockinfo); + if (sysctlbyname("kern.clockrate", &ck, &len, NULL, 0) == -1) + errx(1, "sysctlbyname(\"%s\")", "kern.clockrate"); + + /* + * Ticks needed for sending a medium-sized packet. + * Unfortunately, when we are configuring a WF2Q+ queue, we + * do not have bandwidth information, because that is stored + * in the parent pipe, and also we have multiple queues + * competing for it. So we set s=0, which is not very + * correct. But on the other hand, why do we want RED with + * WF2Q+ ? + */ + if (p.bandwidth==0) /* this is a WF2Q+ queue */ + s = 0; + else + s = ck.hz * avg_pkt_size * 8 / p.bandwidth; + + /* + * max idle time (in ticks) before avg queue size becomes 0. + * NOTA: (3/w_q) is approx the value x so that + * (1-w_q)^x < 10^-3. + */ + w_q = ((double)p.fs.w_q) / (1 << SCALE_RED); + idle = s * 3. / w_q; + p.fs.lookup_step = (int)idle / lookup_depth; + if (!p.fs.lookup_step) + p.fs.lookup_step = 1; + weight = 1 - w_q; + for (t = p.fs.lookup_step; t > 0; --t) + weight *= weight; + p.fs.lookup_weight = (int)(weight * (1 << SCALE_RED)); + } + i = do_cmd(IP_DUMMYNET_CONFIGURE, &p, sizeof p); + if (i) + err(1, "setsockopt(%s)", "IP_DUMMYNET_CONFIGURE"); +} + +static void +get_mac_addr_mask(char *p, uint8_t *addr, uint8_t *mask) +{ + int i, l; + + for (i=0; i<6; i++) + addr[i] = mask[i] = 0; + if (!strcmp(p, "any")) + return; + + for (i=0; *p && i<6;i++, p++) { + addr[i] = strtol(p, &p, 16); + if (*p != ':') /* we start with the mask */ + break; + } + if (*p == '/') { /* mask len */ + l = strtol(p+1, &p, 0); + for (i=0; l>0; l -=8, i++) + mask[i] = (l >=8) ? 0xff : (~0) << (8-l); + } else if (*p == '&') { /* mask */ + for (i=0, p++; *p && i<6;i++, p++) { + mask[i] = strtol(p, &p, 16); + if (*p != ':') + break; + } + } else if (*p == '\0') { + for (i=0; i<6; i++) + mask[i] = 0xff; + } + for (i=0; i<6; i++) + addr[i] &= mask[i]; +} + +/* + * helper function, updates the pointer to cmd with the length + * of the current command, and also cleans up the first word of + * the new command in case it has been clobbered before. + */ +static ipfw_insn * +next_cmd(ipfw_insn *cmd) +{ + cmd += F_LEN(cmd); + bzero(cmd, sizeof(*cmd)); + return cmd; +} + +/* + * Takes arguments and copies them into a comment + */ +static void +fill_comment(ipfw_insn *cmd, int ac, char **av) +{ + int i, l; + char *p = (char *)(cmd + 1); + + cmd->opcode = O_NOP; + cmd->len = (cmd->len & (F_NOT | F_OR)); + + /* Compute length of comment string. */ + for (i = 0, l = 0; i < ac; i++) + l += strlen(av[i]) + 1; + if (l == 0) + return; + if (l > 84) + errx(EX_DATAERR, + "comment too long (max 80 chars)"); + l = 1 + (l+3)/4; + cmd->len = (cmd->len & (F_NOT | F_OR)) | l; + for (i = 0; i < ac; i++) { + strcpy(p, av[i]); + p += strlen(av[i]); + *p++ = ' '; + } + *(--p) = '\0'; +} + +/* + * A function to fill simple commands of size 1. + * Existing flags are preserved. + */ +static void +fill_cmd(ipfw_insn *cmd, enum ipfw_opcodes opcode, int flags, uint16_t arg) +{ + cmd->opcode = opcode; + cmd->len = ((cmd->len | flags) & (F_NOT | F_OR)) | 1; + cmd->arg1 = arg; +} + +/* + * Fetch and add the MAC address and type, with masks. This generates one or + * two microinstructions, and returns the pointer to the last one. + */ +static ipfw_insn * +add_mac(ipfw_insn *cmd, int ac, char *av[]) +{ + ipfw_insn_mac *mac; + + if (ac < 2) + errx(EX_DATAERR, "MAC dst src"); + + cmd->opcode = O_MACADDR2; + cmd->len = (cmd->len & (F_NOT | F_OR)) | F_INSN_SIZE(ipfw_insn_mac); + + mac = (ipfw_insn_mac *)cmd; + get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */ + get_mac_addr_mask(av[1], &(mac->addr[6]), &(mac->mask[6])); /* src */ + return cmd; +} + +static ipfw_insn * +add_mactype(ipfw_insn *cmd, int ac, char *av) +{ + if (ac < 1) + errx(EX_DATAERR, "missing MAC type"); + if (strcmp(av, "any") != 0) { /* we have a non-null type */ + fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE); + cmd->opcode = O_MAC_TYPE; + return cmd; + } else + return NULL; +} + +static ipfw_insn * +add_proto(ipfw_insn *cmd, char *av) +{ + struct protoent *pe; + u_char proto = 0; + + if (!strncmp(av, "all", strlen(av))) + ; /* same as "ip" */ + else if ((proto = atoi(av)) > 0) + ; /* all done! */ + else if ((pe = getprotobyname(av)) != NULL) + proto = pe->p_proto; + else + return NULL; + if (proto != IPPROTO_IP) + fill_cmd(cmd, O_PROTO, 0, proto); + return cmd; +} + +static ipfw_insn * +add_srcip(ipfw_insn *cmd, char *av) +{ + fill_ip((ipfw_insn_ip *)cmd, av); + if (cmd->opcode == O_IP_DST_SET) /* set */ + cmd->opcode = O_IP_SRC_SET; + else if (F_LEN(cmd) == F_INSN_SIZE(ipfw_insn)) /* me */ + cmd->opcode = O_IP_SRC_ME; + else if (F_LEN(cmd) == F_INSN_SIZE(ipfw_insn_u32)) /* one IP */ + cmd->opcode = O_IP_SRC; + else /* addr/mask */ + cmd->opcode = O_IP_SRC_MASK; + return cmd; +} + +static ipfw_insn * +add_dstip(ipfw_insn *cmd, char *av) +{ + fill_ip((ipfw_insn_ip *)cmd, av); + if (cmd->opcode == O_IP_DST_SET) /* set */ + ; + else if (F_LEN(cmd) == F_INSN_SIZE(ipfw_insn)) /* me */ + cmd->opcode = O_IP_DST_ME; + else if (F_LEN(cmd) == F_INSN_SIZE(ipfw_insn_u32)) /* one IP */ + cmd->opcode = O_IP_DST; + else /* addr/mask */ + cmd->opcode = O_IP_DST_MASK; + return cmd; +} + +static ipfw_insn * +add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode) +{ + if (!strncmp(av, "any", strlen(av))) { + return NULL; + } else if (fill_newports((ipfw_insn_u16 *)cmd, av, proto)) { + /* XXX todo: check that we have a protocol with ports */ + cmd->opcode = opcode; + return cmd; + } + return NULL; +} + +/* + * Parse arguments and assemble the microinstructions which make up a rule. + * Rules are added into the 'rulebuf' and then copied in the correct order + * into the actual rule. + * + * The syntax for a rule starts with the action, followed by an + * optional log action, and the various match patterns. + * In the assembled microcode, the first opcode must be an O_PROBE_STATE + * (generated if the rule includes a keep-state option), then the + * various match patterns, the "log" action, and the actual action. + * + */ +static void +add(int ac, char *av[]) +{ + /* + * rules are added into the 'rulebuf' and then copied in + * the correct order into the actual rule. + * Some things that need to go out of order (prob, action etc.) + * go into actbuf[]. + */ + static uint32_t rulebuf[255], actbuf[255], cmdbuf[255]; + + ipfw_insn *src, *dst, *cmd, *action, *prev=NULL; + ipfw_insn *first_cmd; /* first match pattern */ + + struct ip_fw *rule; + + /* + * various flags used to record that we entered some fields. + */ + ipfw_insn *have_state = NULL; /* check-state or keep-state */ + + int i; + + int open_par = 0; /* open parenthesis ( */ + + /* proto is here because it is used to fetch ports */ + u_char proto = IPPROTO_IP; /* default protocol */ + + double match_prob = 1; /* match probability, default is always match */ + + bzero(actbuf, sizeof(actbuf)); /* actions go here */ + bzero(cmdbuf, sizeof(cmdbuf)); + bzero(rulebuf, sizeof(rulebuf)); + + rule = (struct ip_fw *)rulebuf; + cmd = (ipfw_insn *)cmdbuf; + action = (ipfw_insn *)actbuf; + + av++; ac--; + + /* [rule N] -- Rule number optional */ + if (ac && isdigit(**av)) { + rule->rulenum = atoi(*av); + av++; + ac--; + } + + /* [set N] -- set number (0..RESVD_SET), optional */ + if (ac > 1 && !strncmp(*av, "set", strlen(*av))) { + int set = strtoul(av[1], NULL, 10); + if (set < 0 || set > RESVD_SET) + errx(EX_DATAERR, "illegal set %s", av[1]); + rule->set = set; + av += 2; ac -= 2; + } + + /* [prob D] -- match probability, optional */ + if (ac > 1 && !strncmp(*av, "prob", strlen(*av))) { + match_prob = strtod(av[1], NULL); + + if (match_prob <= 0 || match_prob > 1) + errx(EX_DATAERR, "illegal match prob. %s", av[1]); + av += 2; ac -= 2; + } + + /* action -- mandatory */ + NEED1("missing action"); + i = match_token(rule_actions, *av); + ac--; av++; + action->len = 1; /* default */ + switch(i) { + case TOK_CHECKSTATE: + have_state = action; + action->opcode = O_CHECK_STATE; + break; + + case TOK_ACCEPT: + action->opcode = O_ACCEPT; + break; + + case TOK_DENY: + action->opcode = O_DENY; + action->arg1 = 0; + break; + + case TOK_REJECT: + action->opcode = O_REJECT; + action->arg1 = ICMP_UNREACH_HOST; + break; + + case TOK_RESET: + action->opcode = O_REJECT; + action->arg1 = ICMP_REJECT_RST; + break; + + case TOK_UNREACH: + action->opcode = O_REJECT; + NEED1("missing reject code"); + fill_reject_code(&action->arg1, *av); + ac--; av++; + break; + + case TOK_COUNT: + action->opcode = O_COUNT; + break; + + case TOK_QUEUE: + case TOK_PIPE: + action->len = F_INSN_SIZE(ipfw_insn_pipe); + case TOK_SKIPTO: + if (i == TOK_QUEUE) + action->opcode = O_QUEUE; + else if (i == TOK_PIPE) + action->opcode = O_PIPE; + else if (i == TOK_SKIPTO) + action->opcode = O_SKIPTO; + NEED1("missing skipto/pipe/queue number"); + action->arg1 = strtoul(*av, NULL, 10); + av++; ac--; + break; + + case TOK_DIVERT: + case TOK_TEE: + action->opcode = (i == TOK_DIVERT) ? O_DIVERT : O_TEE; + NEED1("missing divert/tee port"); + action->arg1 = strtoul(*av, NULL, 0); + if (action->arg1 == 0) { + struct servent *s; + setservent(1); + s = getservbyname(av[0], "divert"); + if (s != NULL) + action->arg1 = ntohs(s->s_port); + else + errx(EX_DATAERR, "illegal divert/tee port"); + } + ac--; av++; + break; + + case TOK_FORWARD: { + ipfw_insn_sa *p = (ipfw_insn_sa *)action; + char *s, *end; + + NEED1("missing forward address[:port]"); + + action->opcode = O_FORWARD_IP; + action->len = F_INSN_SIZE(ipfw_insn_sa); + + p->sa.sin_len = sizeof(struct sockaddr_in); + p->sa.sin_family = AF_INET; + p->sa.sin_port = 0; + /* + * locate the address-port separator (':' or ',') + */ + s = strchr(*av, ':'); + if (s == NULL) + s = strchr(*av, ','); + if (s != NULL) { + *(s++) = '\0'; + i = strtoport(s, &end, 0 /* base */, 0 /* proto */); + if (s == end) + errx(EX_DATAERR, + "illegal forwarding port ``%s''", s); + p->sa.sin_port = (u_short)i; + } + lookup_host(*av, &(p->sa.sin_addr)); + } + ac--; av++; + break; + + case TOK_COMMENT: + /* pretend it is a 'count' rule followed by the comment */ + action->opcode = O_COUNT; + ac++; av--; /* go back... */ + break; + + default: + errx(EX_DATAERR, "invalid action %s\n", av[-1]); + } + action = next_cmd(action); + + /* + * [log [logamount N]] -- log, optional + * + * If exists, it goes first in the cmdbuf, but then it is + * skipped in the copy section to the end of the buffer. + */ + if (ac && !strncmp(*av, "log", strlen(*av))) { + ipfw_insn_log *c = (ipfw_insn_log *)cmd; + int l; + + cmd->len = F_INSN_SIZE(ipfw_insn_log); + cmd->opcode = O_LOG; + av++; ac--; + if (ac && !strncmp(*av, "logamount", strlen(*av))) { + ac--; av++; + NEED1("logamount requires argument"); + l = atoi(*av); + if (l < 0) + errx(EX_DATAERR, "logamount must be positive"); + c->max_log = l; + ac--; av++; + } + cmd = next_cmd(cmd); + } + + if (have_state) /* must be a check-state, we are done */ + goto done; + +#define OR_START(target) \ + if (ac && (*av[0] == '(' || *av[0] == '{')) { \ + if (open_par) \ + errx(EX_USAGE, "nested \"(\" not allowed\n"); \ + prev = NULL; \ + open_par = 1; \ + if ( (av[0])[1] == '\0') { \ + ac--; av++; \ + } else \ + (*av)++; \ + } \ + target: \ + + +#define CLOSE_PAR \ + if (open_par) { \ + if (ac && ( \ + !strncmp(*av, ")", strlen(*av)) || \ + !strncmp(*av, "}", strlen(*av)) )) { \ + prev = NULL; \ + open_par = 0; \ + ac--; av++; \ + } else \ + errx(EX_USAGE, "missing \")\"\n"); \ + } + +#define NOT_BLOCK \ + if (ac && !strncmp(*av, "not", strlen(*av))) { \ + if (cmd->len & F_NOT) \ + errx(EX_USAGE, "double \"not\" not allowed\n"); \ + cmd->len |= F_NOT; \ + ac--; av++; \ + } + +#define OR_BLOCK(target) \ + if (ac && !strncmp(*av, "or", strlen(*av))) { \ + if (prev == NULL || open_par == 0) \ + errx(EX_DATAERR, "invalid OR block"); \ + prev->len |= F_OR; \ + ac--; av++; \ + goto target; \ + } \ + CLOSE_PAR; + + first_cmd = cmd; + +#if 0 + /* + * MAC addresses, optional. + * If we have this, we skip the part "proto from src to dst" + * and jump straight to the option parsing. + */ + NOT_BLOCK; + NEED1("missing protocol"); + if (!strncmp(*av, "MAC", strlen(*av)) || + !strncmp(*av, "mac", strlen(*av))) { + ac--; av++; /* the "MAC" keyword */ + add_mac(cmd, ac, av); /* exits in case of errors */ + cmd = next_cmd(cmd); + ac -= 2; av += 2; /* dst-mac and src-mac */ + NOT_BLOCK; + NEED1("missing mac type"); + if (add_mactype(cmd, ac, av[0])) + cmd = next_cmd(cmd); + ac--; av++; /* any or mac-type */ + goto read_options; + } +#endif + + /* + * protocol, mandatory + */ + OR_START(get_proto); + NOT_BLOCK; + NEED1("missing protocol"); + if (add_proto(cmd, *av)) { + av++; ac--; + if (F_LEN(cmd) == 0) /* plain IP */ + proto = 0; + else { + proto = cmd->arg1; + prev = cmd; + cmd = next_cmd(cmd); + } + } else if (first_cmd != cmd) { + errx(EX_DATAERR, "invalid protocol ``%s''", *av); + } else + goto read_options; + OR_BLOCK(get_proto); + + /* + * "from", mandatory + */ + if (!ac || strncmp(*av, "from", strlen(*av))) + errx(EX_USAGE, "missing ``from''"); + ac--; av++; + + /* + * source IP, mandatory + */ + OR_START(source_ip); + NOT_BLOCK; /* optional "not" */ + NEED1("missing source address"); + if (add_srcip(cmd, *av)) { + ac--; av++; + if (F_LEN(cmd) != 0) { /* ! any */ + prev = cmd; + cmd = next_cmd(cmd); + } + } + OR_BLOCK(source_ip); + + /* + * source ports, optional + */ + NOT_BLOCK; /* optional "not" */ + if (ac) { + if (!strncmp(*av, "any", strlen(*av)) || + add_ports(cmd, *av, proto, O_IP_SRCPORT)) { + ac--; av++; + if (F_LEN(cmd) != 0) + cmd = next_cmd(cmd); + } + } + + /* + * "to", mandatory + */ + if (!ac || strncmp(*av, "to", strlen(*av))) + errx(EX_USAGE, "missing ``to''"); + av++; ac--; + + /* + * destination, mandatory + */ + OR_START(dest_ip); + NOT_BLOCK; /* optional "not" */ + NEED1("missing dst address"); + if (add_dstip(cmd, *av)) { + ac--; av++; + if (F_LEN(cmd) != 0) { /* ! any */ + prev = cmd; + cmd = next_cmd(cmd); + } + } + OR_BLOCK(dest_ip); + + /* + * dest. ports, optional + */ + NOT_BLOCK; /* optional "not" */ + if (ac) { + if (!strncmp(*av, "any", strlen(*av)) || + add_ports(cmd, *av, proto, O_IP_DSTPORT)) { + ac--; av++; + if (F_LEN(cmd) != 0) + cmd = next_cmd(cmd); + } + } + +read_options: + if (ac && first_cmd == cmd) { + /* + * nothing specified so far, store in the rule to ease + * printout later. + */ + rule->_pad = 1; + } + prev = NULL; + while (ac) { + char *s; + ipfw_insn_u32 *cmd32; /* alias for cmd */ + + s = *av; + cmd32 = (ipfw_insn_u32 *)cmd; + + if (*s == '!') { /* alternate syntax for NOT */ + if (cmd->len & F_NOT) + errx(EX_USAGE, "double \"not\" not allowed\n"); + cmd->len = F_NOT; + s++; + } + i = match_token(rule_options, s); + ac--; av++; + switch(i) { + case TOK_NOT: + if (cmd->len & F_NOT) + errx(EX_USAGE, "double \"not\" not allowed\n"); + cmd->len = F_NOT; + break; + + case TOK_OR: + if (open_par == 0 || prev == NULL) + errx(EX_USAGE, "invalid \"or\" block\n"); + prev->len |= F_OR; + break; + + case TOK_STARTBRACE: + if (open_par) + errx(EX_USAGE, "+nested \"(\" not allowed\n"); + open_par = 1; + break; + + case TOK_ENDBRACE: + if (!open_par) + errx(EX_USAGE, "+missing \")\"\n"); + open_par = 0; + prev = NULL; + break; + + case TOK_IN: + fill_cmd(cmd, O_IN, 0, 0); + break; + + case TOK_OUT: + cmd->len ^= F_NOT; /* toggle F_NOT */ + fill_cmd(cmd, O_IN, 0, 0); + break; + + case TOK_FRAG: + fill_cmd(cmd, O_FRAG, 0, 0); + break; + + case TOK_LAYER2: + fill_cmd(cmd, O_LAYER2, 0, 0); + break; + + case TOK_XMIT: + case TOK_RECV: + case TOK_VIA: + NEED1("recv, xmit, via require interface name" + " or address"); + fill_iface((ipfw_insn_if *)cmd, av[0]); + ac--; av++; + if (F_LEN(cmd) == 0) /* not a valid address */ + break; + if (i == TOK_XMIT) + cmd->opcode = O_XMIT; + else if (i == TOK_RECV) + cmd->opcode = O_RECV; + else if (i == TOK_VIA) + cmd->opcode = O_VIA; + break; + + case TOK_ICMPTYPES: + NEED1("icmptypes requires list of types"); + fill_icmptypes((ipfw_insn_u32 *)cmd, *av); + av++; ac--; + break; + + case TOK_IPTTL: + NEED1("ipttl requires TTL"); + if (strpbrk(*av, "-,")) { + if (!add_ports(cmd, *av, 0, O_IPTTL)) + errx(EX_DATAERR, "invalid ipttl %s", *av); + } else + fill_cmd(cmd, O_IPTTL, 0, strtoul(*av, NULL, 0)); + ac--; av++; + break; + + case TOK_IPID: + NEED1("ipid requires id"); + if (strpbrk(*av, "-,")) { + if (!add_ports(cmd, *av, 0, O_IPID)) + errx(EX_DATAERR, "invalid ipid %s", *av); + } else + fill_cmd(cmd, O_IPID, 0, strtoul(*av, NULL, 0)); + ac--; av++; + break; + + case TOK_IPLEN: + NEED1("iplen requires length"); + if (strpbrk(*av, "-,")) { + if (!add_ports(cmd, *av, 0, O_IPLEN)) + errx(EX_DATAERR, "invalid ip len %s", *av); + } else + fill_cmd(cmd, O_IPLEN, 0, strtoul(*av, NULL, 0)); + ac--; av++; + break; + + case TOK_IPVER: + NEED1("ipver requires version"); + fill_cmd(cmd, O_IPVER, 0, strtoul(*av, NULL, 0)); + ac--; av++; + break; + + case TOK_IPPRECEDENCE: + NEED1("ipprecedence requires value"); + fill_cmd(cmd, O_IPPRECEDENCE, 0, + (strtoul(*av, NULL, 0) & 7) << 5); + ac--; av++; + break; + + case TOK_IPOPTS: + NEED1("missing argument for ipoptions"); + fill_flags(cmd, O_IPOPT, f_ipopts, *av); + ac--; av++; + break; + + case TOK_IPTOS: + NEED1("missing argument for iptos"); + fill_flags(cmd, O_IPTOS, f_iptos, *av); + ac--; av++; + break; + + case TOK_UID: + NEED1("uid requires argument"); + { + char *end; + uid_t uid; + struct passwd *pwd; + + cmd->opcode = O_UID; + uid = strtoul(*av, &end, 0); + pwd = (*end == '\0') ? getpwuid(uid) : getpwnam(*av); + if (pwd == NULL) + errx(EX_DATAERR, "uid \"%s\" nonexistent", *av); + cmd32->d[0] = pwd->pw_uid; + cmd->len = F_INSN_SIZE(ipfw_insn_u32); + ac--; av++; + } + break; + + case TOK_GID: + NEED1("gid requires argument"); + { + char *end; + gid_t gid; + struct group *grp; + + cmd->opcode = O_GID; + gid = strtoul(*av, &end, 0); + grp = (*end == '\0') ? getgrgid(gid) : getgrnam(*av); + if (grp == NULL) + errx(EX_DATAERR, "gid \"%s\" nonexistent", *av); + cmd32->d[0] = grp->gr_gid; + cmd->len = F_INSN_SIZE(ipfw_insn_u32); + ac--; av++; + } + break; + + case TOK_ESTAB: + fill_cmd(cmd, O_ESTAB, 0, 0); + break; + + case TOK_SETUP: + fill_cmd(cmd, O_TCPFLAGS, 0, + (TH_SYN) | ( (TH_ACK) & 0xff) <<8 ); + break; + + case TOK_TCPOPTS: + NEED1("missing argument for tcpoptions"); + fill_flags(cmd, O_TCPOPTS, f_tcpopts, *av); + ac--; av++; + break; + + case TOK_TCPSEQ: + case TOK_TCPACK: + NEED1("tcpseq/tcpack requires argument"); + cmd->len = F_INSN_SIZE(ipfw_insn_u32); + cmd->opcode = (i == TOK_TCPSEQ) ? O_TCPSEQ : O_TCPACK; + cmd32->d[0] = htonl(strtoul(*av, NULL, 0)); + ac--; av++; + break; + + case TOK_TCPWIN: + NEED1("tcpwin requires length"); + fill_cmd(cmd, O_TCPWIN, 0, + htons(strtoul(*av, NULL, 0))); + ac--; av++; + break; + + case TOK_TCPFLAGS: + NEED1("missing argument for tcpflags"); + cmd->opcode = O_TCPFLAGS; + fill_flags(cmd, O_TCPFLAGS, f_tcpflags, *av); + ac--; av++; + break; + + case TOK_KEEPSTATE: + if (open_par) + errx(EX_USAGE, "keep-state cannot be part " + "of an or block"); + if (have_state) + errx(EX_USAGE, "only one of keep-state " + "and limit is allowed"); + have_state = cmd; + fill_cmd(cmd, O_KEEP_STATE, 0, 0); + break; + + case TOK_LIMIT: + if (open_par) + errx(EX_USAGE, "limit cannot be part " + "of an or block"); + if (have_state) + errx(EX_USAGE, "only one of keep-state " + "and limit is allowed"); + NEED1("limit needs mask and # of connections"); + have_state = cmd; + { + ipfw_insn_limit *c = (ipfw_insn_limit *)cmd; + + cmd->len = F_INSN_SIZE(ipfw_insn_limit); + cmd->opcode = O_LIMIT; + c->limit_mask = 0; + c->conn_limit = 0; + for (; ac >1 ;) { + int val; + + val = match_token(limit_masks, *av); + if (val <= 0) + break; + c->limit_mask |= val; + ac--; av++; + } + c->conn_limit = atoi(*av); + if (c->conn_limit == 0) + errx(EX_USAGE, "limit: limit must be >0"); + if (c->limit_mask == 0) + errx(EX_USAGE, "missing limit mask"); + ac--; av++; + } + break; + + case TOK_PROTO: + NEED1("missing protocol"); + if (add_proto(cmd, *av)) { + proto = cmd->arg1; + ac--; av++; + } else + errx(EX_DATAERR, "invalid protocol ``%s''", + *av); + break; + + case TOK_SRCIP: + NEED1("missing source IP"); + if (add_srcip(cmd, *av)) { + ac--; av++; + } + break; + + case TOK_DSTIP: + NEED1("missing destination IP"); + if (add_dstip(cmd, *av)) { + ac--; av++; + } + break; + + case TOK_SRCPORT: + NEED1("missing source port"); + if (!strncmp(*av, "any", strlen(*av)) || + add_ports(cmd, *av, proto, O_IP_SRCPORT)) { + ac--; av++; + } else + errx(EX_DATAERR, "invalid source port %s", *av); + break; + + case TOK_DSTPORT: + NEED1("missing destination port"); + if (!strncmp(*av, "any", strlen(*av)) || + add_ports(cmd, *av, proto, O_IP_DSTPORT)) { + ac--; av++; + } else + errx(EX_DATAERR, "invalid destination port %s", + *av); + break; + + case TOK_MAC: + if (ac < 2) + errx(EX_USAGE, "MAC dst-mac src-mac"); + if (add_mac(cmd, ac, av)) { + ac -= 2; av += 2; + } + break; + + case TOK_MACTYPE: + NEED1("missing mac type"); + if (!add_mactype(cmd, ac, *av)) + errx(EX_DATAERR, "invalid mac type %s", *av); + ac--; av++; + break; + + case TOK_VERREVPATH: + fill_cmd(cmd, O_VERREVPATH, 0, 0); + break; + + case TOK_IPSEC: + fill_cmd(cmd, O_IPSEC, 0, 0); + break; + + case TOK_COMMENT: + fill_comment(cmd, ac, av); + av += ac; + ac = 0; + break; + + default: + errx(EX_USAGE, "unrecognised option [%d] %s\n", i, s); + } + if (F_LEN(cmd) > 0) { /* prepare to advance */ + prev = cmd; + cmd = next_cmd(cmd); + } + } + +done: + /* + * Now copy stuff into the rule. + * If we have a keep-state option, the first instruction + * must be a PROBE_STATE (which is generated here). + * If we have a LOG option, it was stored as the first command, + * and now must be moved to the top of the action part. + */ + dst = (ipfw_insn *)rule->cmd; + + /* + * First thing to write into the command stream is the match probability. + */ + if (match_prob != 1) { /* 1 means always match */ + dst->opcode = O_PROB; + dst->len = 2; + *((int32_t *)(dst+1)) = (int32_t)(match_prob * 0x7fffffff); + dst += dst->len; + } + + /* + * generate O_PROBE_STATE if necessary + */ + if (have_state && have_state->opcode != O_CHECK_STATE) { + fill_cmd(dst, O_PROBE_STATE, 0, 0); + dst = next_cmd(dst); + } + /* + * copy all commands but O_LOG, O_KEEP_STATE, O_LIMIT + */ + for (src = (ipfw_insn *)cmdbuf; src != cmd; src += i) { + i = F_LEN(src); + + switch (src->opcode) { + case O_LOG: + case O_KEEP_STATE: + case O_LIMIT: + break; + default: + bcopy(src, dst, i * sizeof(uint32_t)); + dst += i; + } + } + + /* + * put back the have_state command as last opcode + */ + if (have_state && have_state->opcode != O_CHECK_STATE) { + i = F_LEN(have_state); + bcopy(have_state, dst, i * sizeof(uint32_t)); + dst += i; + } + /* + * start action section + */ + rule->act_ofs = dst - rule->cmd; + + /* + * put back O_LOG if necessary + */ + src = (ipfw_insn *)cmdbuf; + if (src->opcode == O_LOG) { + i = F_LEN(src); + bcopy(src, dst, i * sizeof(uint32_t)); + dst += i; + } + /* + * copy all other actions + */ + for (src = (ipfw_insn *)actbuf; src != action; src += i) { + i = F_LEN(src); + bcopy(src, dst, i * sizeof(uint32_t)); + dst += i; + } + + rule->cmd_len = (uint32_t *)dst - (uint32_t *)(rule->cmd); + i = (char *)dst - (char *)rule; + + if (do_cmd(IP_FW_ADD, rule, (uintptr_t)&i) == -1) + err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); + if (!do_quiet) + show_ipfw(rule, 0, 0); +} + +static void +zero(int ac, char *av[], int optname /* IP_FW_ZERO or IP_FW_RESETLOG */) +{ + struct ip_fw rule; + int rulenum; + int failed = EX_OK; + char const *name = optname == IP_FW_ZERO ? "ZERO" : "RESETLOG"; + + av++; ac--; + bzero(&rule, sizeof(rule)); + + if (!ac) { + /* clear all entries - send empty rule */ + if (do_cmd(optname, &rule, sizeof(rule)) < 0) + err(EX_UNAVAILABLE, "setsockopt(IP_FW_%s)", name); + if (!do_quiet) + printf("%s.\n", optname == IP_FW_ZERO ? + "Accounting cleared":"Logging counts reset"); + + return; + } + + while (ac) { + /* Rule number */ + if (isdigit(**av)) { + rulenum = atoi(*av); + av++; + ac--; + rule.rulenum = rulenum; + if (do_cmd(optname, &rule, sizeof(rule))) { + warn("rule %u: setsockopt(IP_FW_%s)", + rulenum, name); + failed = EX_UNAVAILABLE; + } else if (!do_quiet) + printf("Entry %d %s.\n", rulenum, + optname == IP_FW_ZERO ? + "cleared" : "logging count reset"); + } else { + errx(EX_USAGE, "invalid rule number ``%s''", *av); + } + } + if (failed != EX_OK) + exit(failed); +} + +static void +flush(int force) +{ + int cmd = do_pipe ? IP_DUMMYNET_FLUSH : IP_FW_FLUSH; + struct ip_fw rule; + + if (!force && !do_quiet) { /* need to ask user */ + int c; + + printf("Are you sure? [yn] "); + fflush(stdout); + do { + c = toupper(getc(stdin)); + while (c != '\n' && getc(stdin) != '\n') + if (feof(stdin)) + return; /* and do not flush */ + } while (c != 'Y' && c != 'N'); + printf("\n"); + if (c == 'N') /* user said no */ + return; + } + + if (cmd == IP_FW_FLUSH) { + /* send empty rule */ + bzero(&rule, sizeof(rule)); + if (do_cmd(cmd, &rule, sizeof(rule)) < 0) + err(EX_UNAVAILABLE, "setsockopt(IP_FW_FLUSH)"); + } + else { + if (do_cmd(cmd, NULL, 0) < 0) + err(EX_UNAVAILABLE, "setsockopt(IP_DUMMYNET_FLUSH)"); + } + if (!do_quiet) + printf("Flushed all %s.\n", do_pipe ? "pipes" : "rules"); +} + +/* + * Free a the (locally allocated) copy of command line arguments. + */ +static void +free_args(int ac, char **av) +{ + int i; + + for (i=0; i < ac; i++) + free(av[i]); + free(av); +} + +/* + * Called with the arguments (excluding program name). + * Returns 0 if successful, 1 if empty command, errx() in case of errors. + */ +static int +ipfw_main(int oldac, char **oldav) +{ + int ch, ac, save_ac; + char **av, **save_av; + int do_acct = 0; /* Show packet/byte count */ + int do_force = 0; /* Don't ask for confirmation */ + +#define WHITESP " \t\f\v\n\r" + if (oldac == 0) + return 1; + else if (oldac == 1) { + /* + * If we are called with a single string, try to split it into + * arguments for subsequent parsing. + * But first, remove spaces after a ',', by copying the string + * in-place. + */ + char *arg = oldav[0]; /* The string... */ + int l = strlen(arg); + int copy = 0; /* 1 if we need to copy, 0 otherwise */ + int i, j; + for (i = j = 0; i < l; i++) { + if (arg[i] == '#') /* comment marker */ + break; + if (copy) { + arg[j++] = arg[i]; + copy = !index("," WHITESP, arg[i]); + } else { + copy = !index(WHITESP, arg[i]); + if (copy) + arg[j++] = arg[i]; + } + } + if (!copy && j > 0) /* last char was a 'blank', remove it */ + j--; + l = j; /* the new argument length */ + arg[j++] = '\0'; + if (l == 0) /* empty string! */ + return 1; + + /* + * First, count number of arguments. Because of the previous + * processing, this is just the number of blanks plus 1. + */ + for (i = 0, ac = 1; i < l; i++) + if (index(WHITESP, arg[i]) != NULL) + ac++; + + av = calloc(ac, sizeof(char *)); + + /* + * Second, copy arguments from cmd[] to av[]. For each one, + * j is the initial character, i is the one past the end. + */ + for (ac = 0, i = j = 0; i < l; i++) + if (index(WHITESP, arg[i]) != NULL || i == l-1) { + if (i == l-1) + i++; + av[ac] = calloc(i-j+1, 1); + bcopy(arg+j, av[ac], i-j); + ac++; + j = i + 1; + } + } else { + /* + * If an argument ends with ',' join with the next one. + */ + int first, i, l; + + av = calloc(oldac, sizeof(char *)); + for (first = i = ac = 0, l = 0; i < oldac; i++) { + char *arg = oldav[i]; + int k = strlen(arg); + + l += k; + if (arg[k-1] != ',' || i == oldac-1) { + /* Time to copy. */ + av[ac] = calloc(l+1, 1); + for (l=0; first <= i; first++) { + strcat(av[ac]+l, oldav[first]); + l += strlen(oldav[first]); + } + ac++; + l = 0; + first = i+1; + } + } + } + + /* Set the force flag for non-interactive processes */ + do_force = !isatty(STDIN_FILENO); + + /* Save arguments for final freeing of memory. */ + save_ac = ac; + save_av = av; + + optind = optreset = 0; + while ((ch = getopt(ac, av, "acdefhnNqs:STtv")) != -1) + switch (ch) { + case 'a': + do_acct = 1; + break; + + case 'c': + do_compact = 1; + break; + + case 'd': + do_dynamic = 1; + break; + + case 'e': + do_expired = 1; + break; + + case 'f': + do_force = 1; + break; + + case 'h': /* help */ + free_args(save_ac, save_av); + help(); + break; /* NOTREACHED */ + + case 'n': + test_only = 1; + break; + + case 'N': + do_resolv = 1; + break; + + case 'q': + do_quiet = 1; + break; + + case 's': /* sort */ + do_sort = atoi(optarg); + break; + + case 'S': + show_sets = 1; + break; + + case 't': + do_time = 1; + break; + + case 'T': + do_time = 2; /* numeric timestamp */ + break; + + case 'v': /* verbose */ + verbose = 1; + break; + + default: + free_args(save_ac, save_av); + return 1; + } + + ac -= optind; + av += optind; + NEED1("bad arguments, for usage summary ``ipfw''"); + + /* + * An undocumented behaviour of ipfw1 was to allow rule numbers first, + * e.g. "100 add allow ..." instead of "add 100 allow ...". + * In case, swap first and second argument to get the normal form. + */ + if (ac > 1 && isdigit(*av[0])) { + char *p = av[0]; + + av[0] = av[1]; + av[1] = p; + } + + /* + * optional: pipe or queue + */ + do_pipe = 0; + if (!strncmp(*av, "pipe", strlen(*av))) + do_pipe = 1; + else if (!strncmp(*av, "queue", strlen(*av))) + do_pipe = 2; + if (do_pipe) { + ac--; + av++; + } + NEED1("missing command"); + + /* + * For pipes and queues we normally say 'pipe NN config' + * but the code is easier to parse as 'pipe config NN' + * so we swap the two arguments. + */ + if (do_pipe > 0 && ac > 1 && isdigit(*av[0])) { + char *p = av[0]; + + av[0] = av[1]; + av[1] = p; + } + + if (!strncmp(*av, "add", strlen(*av))) + add(ac, av); + else if (do_pipe && !strncmp(*av, "config", strlen(*av))) + config_pipe(ac, av); + else if (!strncmp(*av, "delete", strlen(*av))) + delete(ac, av); + else if (!strncmp(*av, "flush", strlen(*av))) + flush(do_force); + else if (!strncmp(*av, "zero", strlen(*av))) + zero(ac, av, IP_FW_ZERO); + else if (!strncmp(*av, "resetlog", strlen(*av))) + zero(ac, av, IP_FW_RESETLOG); + else if (!strncmp(*av, "print", strlen(*av)) || + !strncmp(*av, "list", strlen(*av))) + list(ac, av, do_acct); + else if (!strncmp(*av, "set", strlen(*av))) + sets_handler(ac, av); + else if (!strncmp(*av, "enable", strlen(*av))) + sysctl_handler(ac, av, 1); + else if (!strncmp(*av, "disable", strlen(*av))) + sysctl_handler(ac, av, 0); + else if (!strncmp(*av, "show", strlen(*av))) + list(ac, av, 1 /* show counters */); + else + errx(EX_USAGE, "bad command `%s'", *av); + + /* Free memory allocated in the argument parsing. */ + free_args(save_ac, save_av); + return 0; +} + + +static void +ipfw_readfile(int ac, char *av[]) +{ +#define MAX_ARGS 32 + char buf[BUFSIZ]; + char *cmd = NULL, *filename = av[ac-1]; + int c, lineno=0; + FILE *f = NULL; + pid_t preproc = 0; + + filename = av[ac-1]; + + while ((c = getopt(ac, av, "cNnp:qS")) != -1) { + switch(c) { + case 'c': + do_compact = 1; + break; + + case 'N': + do_resolv = 1; + break; + + case 'n': + test_only = 1; + break; + + case 'p': + cmd = optarg; + /* + * Skip previous args and delete last one, so we + * pass all but the last argument to the preprocessor + * via av[optind-1] + */ + av += optind - 1; + ac -= optind - 1; + av[ac-1] = NULL; + fprintf(stderr, "command is %s\n", av[0]); + break; + + case 'q': + do_quiet = 1; + break; + + case 'S': + show_sets = 1; + break; + + default: + errx(EX_USAGE, "bad arguments, for usage" + " summary ``ipfw''"); + } + + if (cmd != NULL) + break; + } + + if (cmd == NULL && ac != optind + 1) { + fprintf(stderr, "ac %d, optind %d\n", ac, optind); + errx(EX_USAGE, "extraneous filename arguments"); + } + + if ((f = fopen(filename, "r")) == NULL) + err(EX_UNAVAILABLE, "fopen: %s", filename); + + if (cmd != NULL) { /* pipe through preprocessor */ + int pipedes[2]; + + if (pipe(pipedes) == -1) + err(EX_OSERR, "cannot create pipe"); + + preproc = fork(); + if (preproc == -1) + err(EX_OSERR, "cannot fork"); + + if (preproc == 0) { + /* + * Child, will run the preprocessor with the + * file on stdin and the pipe on stdout. + */ + if (dup2(fileno(f), 0) == -1 + || dup2(pipedes[1], 1) == -1) + err(EX_OSERR, "dup2()"); + fclose(f); + close(pipedes[1]); + close(pipedes[0]); + execvp(cmd, av); + err(EX_OSERR, "execvp(%s) failed", cmd); + } else { /* parent, will reopen f as the pipe */ + fclose(f); + close(pipedes[1]); + if ((f = fdopen(pipedes[0], "r")) == NULL) { + int savederrno = errno; + + (void)kill(preproc, SIGTERM); + errno = savederrno; + err(EX_OSERR, "fdopen()"); + } + } + } + + while (fgets(buf, BUFSIZ, f)) { /* read commands */ + char linename[10]; + char *args[1]; + + lineno++; + sprintf(linename, "Line %d", lineno); + setprogname(linename); /* XXX */ + args[0] = buf; + ipfw_main(1, args); + } + fclose(f); + if (cmd != NULL) { + int status; + + if (waitpid(preproc, &status, 0) == -1) + errx(EX_OSERR, "waitpid()"); + if (WIFEXITED(status) && WEXITSTATUS(status) != EX_OK) + errx(EX_UNAVAILABLE, + "preprocessor exited with status %d", + WEXITSTATUS(status)); + else if (WIFSIGNALED(status)) + errx(EX_UNAVAILABLE, + "preprocessor exited with signal %d", + WTERMSIG(status)); + } +} + +int +main(int ac, char *av[]) +{ + /* + * If the last argument is an absolute pathname, interpret it + * as a file to be preprocessed. + */ + + if (ac > 1 && av[ac - 1][0] == '/' && access(av[ac - 1], R_OK) == 0) + ipfw_readfile(ac, av); + else { + if (ipfw_main(ac-1, av+1)) + show_usage(); + } + return EX_OK; +} diff --git a/kdumpd.tproj/kdump.h b/kdumpd.tproj/kdump.h index 22b732d..0df2702 100644 --- a/kdumpd.tproj/kdump.h +++ b/kdumpd.tproj/kdump.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/kdumpd.tproj/kdumpsubs.h b/kdumpd.tproj/kdumpsubs.h index b7ec1c6..2bc213e 100644 --- a/kdumpd.tproj/kdumpsubs.h +++ b/kdumpd.tproj/kdumpsubs.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/logger.tproj/logger.c b/logger.tproj/logger.c index 0ec8b27..ba5493d 100644 --- a/logger.tproj/logger.c +++ b/logger.tproj/logger.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/_db.h b/makedbm.tproj/_db.h index bbcf1a1..e3e1164 100644 --- a/makedbm.tproj/_db.h +++ b/makedbm.tproj/_db.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/db.c b/makedbm.tproj/db.c index f2b8acb..65ede66 100644 --- a/makedbm.tproj/db.c +++ b/makedbm.tproj/db.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/makedbm.c b/makedbm.tproj/makedbm.c index 8d2f73e..d34ba0a 100644 --- a/makedbm.tproj/makedbm.c +++ b/makedbm.tproj/makedbm.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/ypdb.c b/makedbm.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/makedbm.tproj/ypdb.c +++ b/makedbm.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/ypdb.h b/makedbm.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/makedbm.tproj/ypdb.h +++ b/makedbm.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/makedbm.tproj/ypdef.h b/makedbm.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/makedbm.tproj/ypdef.h +++ b/makedbm.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/icmp.c b/natd.tproj/icmp.c index 4e62d3f..e05f255 100644 --- a/natd.tproj/icmp.c +++ b/natd.tproj/icmp.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/natd.c b/natd.tproj/natd.c index d643767..429c7f4 100644 --- a/natd.tproj/natd.c +++ b/natd.tproj/natd.c @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/natd.tproj/natd.h b/natd.tproj/natd.h index f2c1f26..204c305 100644 --- a/natd.tproj/natd.h +++ b/natd.tproj/natd.h @@ -3,19 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/data.c b/netstat.tproj/data.c index 9e0bbe2..16aeae5 100644 --- a/netstat.tproj/data.c +++ b/netstat.tproj/data.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/main.c b/netstat.tproj/main.c index 8bb9436..9eea7a3 100644 --- a/netstat.tproj/main.c +++ b/netstat.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/mbuf.c b/netstat.tproj/mbuf.c index 95f81b4..260f6aa 100644 --- a/netstat.tproj/mbuf.c +++ b/netstat.tproj/mbuf.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/mroute.c b/netstat.tproj/mroute.c index a2d22f9..4c94d2b 100644 --- a/netstat.tproj/mroute.c +++ b/netstat.tproj/mroute.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/netstat.h b/netstat.tproj/netstat.h index b64150a..64030ca 100644 --- a/netstat.tproj/netstat.h +++ b/netstat.tproj/netstat.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/route.c b/netstat.tproj/route.c index 06fc5a9..493437b 100644 --- a/netstat.tproj/route.c +++ b/netstat.tproj/route.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/netstat.tproj/unix.c b/netstat.tproj/unix.c index 541c716..2711e01 100644 --- a/netstat.tproj/unix.c +++ b/netstat.tproj/unix.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/nfsd.tproj/nfsd.c b/nfsd.tproj/nfsd.c index a40ac6a..84eed6b 100644 --- a/nfsd.tproj/nfsd.c +++ b/nfsd.tproj/nfsd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/nfsiod.tproj/nfsiod.c b/nfsiod.tproj/nfsiod.c index 92acb86..dfc48d0 100644 --- a/nfsiod.tproj/nfsiod.c +++ b/nfsiod.tproj/nfsiod.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/nfsstat.tproj/nfsstat.c b/nfsstat.tproj/nfsstat.c index 1f589c3..b91f089 100644 --- a/nfsstat.tproj/nfsstat.c +++ b/nfsstat.tproj/nfsstat.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ping.tproj/ping.c b/ping.tproj/ping.c index 4aad17e..c152f09 100644 --- a/ping.tproj/ping.c +++ b/ping.tproj/ping.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/racoon.tproj/crypto_openssl.c b/racoon.tproj/crypto_openssl.c index 4fc9fe0..cb4da65 100644 --- a/racoon.tproj/crypto_openssl.c +++ b/racoon.tproj/crypto_openssl.c @@ -56,7 +56,6 @@ #endif #ifdef HAVE_OPENSSL_X509_H #include -#include #include #endif #include @@ -100,8 +99,7 @@ */ #ifdef HAVE_SIGNING_C -static int cb_check_cert_local __P((int, X509_STORE_CTX *)); -static int cb_check_cert_remote __P((int, X509_STORE_CTX *)); +static int cb_check_cert __P((int, X509_STORE_CTX *)); static void eay_setgentype __P((char *, int *)); static X509 *mem2x509 __P((vchar_t *)); #endif @@ -223,10 +221,9 @@ eay_cmp_asn1dn(n1, n2) * this functions is derived from apps/verify.c in OpenSSL0.9.5 */ int -eay_check_x509cert(cert, CApath, local) +eay_check_x509cert(cert, CApath) vchar_t *cert; char *CApath; - int local; { X509_STORE *cert_ctx = NULL; X509_LOOKUP *lookup = NULL; @@ -248,12 +245,7 @@ eay_check_x509cert(cert, CApath, local) cert_ctx = X509_STORE_new(); if (cert_ctx == NULL) goto end; - - if (local) - X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local); - else - X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote); - + X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert); lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file()); if (lookup == NULL) @@ -280,12 +272,6 @@ eay_check_x509cert(cert, CApath, local) if (csc == NULL) goto end; X509_STORE_CTX_init(csc, cert_ctx, x509, NULL); - -#if OPENSSL_VERSION_NUMBER >= 0x00907000L - X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK); - X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CRL_CHECK_ALL); -#endif - error = X509_verify_cert(csc); X509_STORE_CTX_cleanup(csc); #else @@ -313,13 +299,10 @@ end: /* * callback function for verifing certificate. - * Derived from cb() in openssl/apps/s_server.c - * - * This one is called for certificates obtained from - * 'peers_certfile' directive. + * this function is derived from cb() in openssl/apps/s_server.c */ static int -cb_check_cert_local(ok, ctx) +cb_check_cert(ok, ctx) int ok; X509_STORE_CTX *ctx; { @@ -340,64 +323,16 @@ cb_check_cert_local(ok, ctx) case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: #if OPENSSL_VERSION_NUMBER >= 0x00905100L + case X509_V_ERR_INVALID_CA: + case X509_V_ERR_PATH_LENGTH_EXCEEDED: case X509_V_ERR_INVALID_PURPOSE: - case X509_V_ERR_UNABLE_TO_GET_CRL: #endif - ok = 1; - log_tag = LLV_WARNING; - break; - - default: + ok = 1; + log_tag = LLV_WARNING; + break; + default: log_tag = LLV_ERROR; - } - - -#ifndef EAYDEBUG - plog(log_tag, LOCATION, NULL, - "%s(%d) at depth:%d SubjectName:%s\n", - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#else - printf("%d: %s(%d) at depth:%d SubjectName:%s\n", - log_tag, - X509_verify_cert_error_string(ctx->error), - ctx->error, - ctx->error_depth, - buf); -#endif - } - ERR_clear_error(); - - return ok; -} - -/* - * Similar to cb_check_cert_local() but this one is called - * for certificates obtained from the IKE payload. - */ -static int -cb_check_cert_remote(ok, ctx) - int ok; - X509_STORE_CTX *ctx; -{ - char buf[256]; - int log_tag; - - if (!ok) { - X509_NAME_oneline( - X509_get_subject_name(ctx->current_cert), - buf, - 256); - switch (ctx->error) { - case X509_V_ERR_UNABLE_TO_GET_CRL: - ok = 1; - log_tag = LLV_WARNING; - break; - default: - log_tag = LLV_ERROR; - } + } #ifndef EAYDEBUG plog(log_tag, LOCATION, NULL, "%s(%d) at depth:%d SubjectName:%s\n", @@ -765,9 +700,7 @@ eay_check_x509sign(source, sig, cert) evp = X509_get_pubkey(x509); if (!evp) { -#ifndef EAYDEBUG plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey: %s\n", eay_strerror()); -#endif return -1; } diff --git a/racoon.tproj/crypto_openssl.h b/racoon.tproj/crypto_openssl.h index 7139a82..7e2e20a 100644 --- a/racoon.tproj/crypto_openssl.h +++ b/racoon.tproj/crypto_openssl.h @@ -47,7 +47,7 @@ extern vchar_t *eay_str2asn1dn __P((char *, int)); extern int eay_cmp_asn1dn __P((vchar_t *, vchar_t *)); -extern int eay_check_x509cert __P((vchar_t *, char *, int)); +extern int eay_check_x509cert __P((vchar_t *, char *)); extern vchar_t *eay_get_x509asn1subjectname __P((vchar_t *)); extern int eay_get_x509subjectaltname __P((vchar_t *, char **, int *, int)); extern char *eay_get_x509text __P((vchar_t *)); diff --git a/racoon.tproj/grabmyaddr.c b/racoon.tproj/grabmyaddr.c index 1ba6d8b..5abd87f 100644 --- a/racoon.tproj/grabmyaddr.c +++ b/racoon.tproj/grabmyaddr.c @@ -71,7 +71,7 @@ #ifndef HAVE_GETIFADDRS static unsigned int if_maxindex __P((void)); #endif -static struct myaddrs *find_myaddr __P((struct myaddrs *, struct myaddrs *)); +static struct myaddrs *find_myaddr __P((struct myaddrs *, struct sockaddr *)); static int suitable_ifaddr __P((const char *, const struct sockaddr *)); #ifdef INET6 static int suitable_ifaddr6 __P((const char *, const struct sockaddr *)); @@ -108,19 +108,21 @@ clear_myaddr(db) } static struct myaddrs * -find_myaddr(db, p) +find_myaddr(db, addr) struct myaddrs *db; - struct myaddrs *p; + struct sockaddr *addr; { struct myaddrs *q; char h1[NI_MAXHOST], h2[NI_MAXHOST]; - if (getnameinfo(p->addr, p->addr->sa_len, h1, sizeof(h1), NULL, 0, + if (getnameinfo(addr, addr->sa_len, h1, sizeof(h1), NULL, 0, NI_NUMERICHOST | niflags) != 0) return NULL; - + for (q = db; q; q = q->next) { - if (p->addr->sa_len != q->addr->sa_len) + if (!q->addr) + continue; + if (addr->sa_len != q->addr->sa_len) continue; if (getnameinfo(q->addr, q->addr->sa_len, h2, sizeof(h2), NULL, 0, NI_NUMERICHOST | niflags) != 0) @@ -132,11 +134,15 @@ find_myaddr(db, p) return NULL; } +// 1/19/04 - modified to avoid closing and opening sockets for +// all interfaces each time an interface change occurs. +// on return: addrcount = zero indicates address no longer used +// sock = -1 indicates a new address - no socket opened yet. void grab_myaddrs() { #ifdef HAVE_GETIFADDRS - struct myaddrs *p, *q, *old; + struct myaddrs *p; struct ifaddrs *ifa0, *ifap; #ifdef INET6 #ifdef __KAME__ @@ -153,7 +159,9 @@ grab_myaddrs() /*NOTREACHED*/ } - old = lcconf->myaddrs; + // zero the count for each address in our list + for (p = lcconf->myaddrs; p; p = p->next) + p->addrcount = 0; for (ifap = ifa0; ifap; ifap = ifap->ifa_next) { @@ -172,152 +180,41 @@ grab_myaddrs() continue; } - p = newmyaddr(); - if (p == NULL) { - exit(1); - /*NOTREACHED*/ - } - p->addr = dupsaddr(ifap->ifa_addr); - if (p->addr == NULL) { - exit(1); - /*NOTREACHED*/ - } #ifdef INET6 #ifdef __KAME__ - if (ifap->ifa_addr->sa_family == AF_INET6) { - sin6 = (struct sockaddr_in6 *)p->addr; - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) - || IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { - sin6->sin6_scope_id = - ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); - sin6->sin6_addr.s6_addr[2] = 0; - sin6->sin6_addr.s6_addr[3] = 0; + if (ifap->ifa_addr->sa_family == AF_INET6) { + sin6 = (struct sockaddr_in6 *)ifap->ifa_addr; + if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) + || IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { + sin6->sin6_scope_id = + ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); + sin6->sin6_addr.s6_addr[2] = 0; + sin6->sin6_addr.s6_addr[3] = 0; + } } - } -#endif -#endif - if (getnameinfo(p->addr, p->addr->sa_len, - addr1, sizeof(addr1), - NULL, 0, - NI_NUMERICHOST | niflags)) - strlcpy(addr1, "(invalid)", sizeof(addr1)); - plog(LLV_DEBUG, LOCATION, NULL, - "my interface: %s (%s)\n", - addr1, ifap->ifa_name); - q = find_myaddr(old, p); - if (q) { - p->sock = q->sock; -#ifdef IKE_NAT_T - p->nattsock = q->nattsock; #endif - } else { - p->sock = -1; -#ifdef IKE_NAT_T - p->nattsock = -1; #endif - } - p->next = lcconf->myaddrs; - lcconf->myaddrs = p; - } - - freeifaddrs(ifa0); - - clear_myaddr(&old); - -#else /*!HAVE_GETIFADDRS*/ - int s; - unsigned int maxif; - int len; - struct ifreq *iflist; - struct ifconf ifconf; - struct ifreq *ifr, *ifr_end; - struct myaddrs *p, *q, *old; -#ifdef INET6 -#ifdef __KAME__ - struct sockaddr_in6 *sin6; -#endif -#endif - - char addr1[NI_MAXHOST]; - - maxif = if_maxindex() + 1; - len = maxif * sizeof(struct sockaddr_storage) * 4; /* guess guess */ - - iflist = (struct ifreq *)racoon_malloc(len); - if (!iflist) { - plog(LLV_ERROR, LOCATION, NULL, - "failed to allocate buffer\n"); - exit(1); - /*NOTREACHED*/ - } - - if ((s = socket(PF_INET, SOCK_DGRAM, 0)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "socket(SOCK_DGRAM) failed: %s\n", - strerror(errno)); - exit(1); - /*NOTREACHED*/ - } - memset(&ifconf, 0, sizeof(ifconf)); - ifconf.ifc_req = iflist; - ifconf.ifc_len = len; - if (ioctl(s, SIOCGIFCONF, &ifconf) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "ioctl(SIOCGIFCONF) failed: %s\n", - strerror(errno)); - exit(1); - /*NOTREACHED*/ - } - close(s); - - old = lcconf->myaddrs; - - /* Look for this interface in the list */ - ifr_end = (struct ifreq *) (ifconf.ifc_buf + ifconf.ifc_len); - -#define _IFREQ_LEN(p) \ - (sizeof((p)->ifr_name) + (p)->ifr_addr.sa_len > sizeof(struct ifreq) \ - ? sizeof((p)->ifr_name) + (p)->ifr_addr.sa_len : sizeof(struct ifreq)) - - for (ifr = ifconf.ifc_req; - ifr < ifr_end; - ifr = (struct ifreq *)((caddr_t)ifr + _IFREQ_LEN(ifr))) { - - switch (ifr->ifr_addr.sa_family) { - case AF_INET: -#ifdef INET6 - case AF_INET6: -#endif - if (!suitable_ifaddr(ifr->ifr_name, &ifr->ifr_addr)) { - plog(LLV_ERROR, LOCATION, NULL, - "unsuitable address: %s %s\n", - ifr->ifr_name, - saddrwop2str(&ifr->ifr_addr)); - continue; - } + p = find_myaddr(lcconf->myaddrs, ifap->ifa_addr); + if (p) + p->addrcount++; + else { p = newmyaddr(); if (p == NULL) { exit(1); /*NOTREACHED*/ } - p->addr = dupsaddr(&ifr->ifr_addr); + p->addr = dupsaddr(ifap->ifa_addr); if (p->addr == NULL) { exit(1); /*NOTREACHED*/ } -#ifdef INET6 -#ifdef __KAME__ - sin6 = (struct sockaddr_in6 *)p->addr; - if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr) - || IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) { - sin6->sin6_scope_id = - ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]); - sin6->sin6_addr.s6_addr[2] = 0; - sin6->sin6_addr.s6_addr[3] = 0; - } -#endif + p->sock = -1; +#ifdef IKE_NAT_T + p->nattsock = -1; #endif + p->addrcount = 1; + if (getnameinfo(p->addr, p->addr->sa_len, addr1, sizeof(addr1), NULL, 0, @@ -325,23 +222,18 @@ grab_myaddrs() strlcpy(addr1, "(invalid)", sizeof(addr1)); plog(LLV_DEBUG, LOCATION, NULL, "my interface: %s (%s)\n", - addr1, ifr->ifr_name); - q = find_myaddr(old, p); - if (q) - p->sock = q->sock; - else - p->sock = -1; + addr1, ifap->ifa_name); + p->next = lcconf->myaddrs; lcconf->myaddrs = p; - break; - default: - break; } } - clear_myaddr(&old); + freeifaddrs(ifa0); - racoon_free(iflist); + +#else /*!HAVE_GETIFADDRS*/ +#error "NOT SUPPORTED" #endif /*HAVE_GETIFADDRS*/ } @@ -479,6 +371,8 @@ autoconf_myaddrsport() "configuring default isakmp port.\n"); n = 0; for (p = lcconf->myaddrs; p; p = p->next) { + if (!p->addr) + continue; switch (p->addr->sa_family) { case AF_INET: sin4 = (struct sockaddr_in *)p->addr; diff --git a/racoon.tproj/grabmyaddr.h b/racoon.tproj/grabmyaddr.h index d05fbae..b467b56 100644 --- a/racoon.tproj/grabmyaddr.h +++ b/racoon.tproj/grabmyaddr.h @@ -36,6 +36,8 @@ struct myaddrs { #ifdef IKE_NAT_T int nattsock; /* nat-traversal socket (port PORT_ISAKMP_NATT), for IPv4 sockets only */ #endif + int addrcount; /* number of interfaces associated with this address */ + }; extern void clear_myaddr __P((struct myaddrs **)); diff --git a/racoon.tproj/isakmp.c b/racoon.tproj/isakmp.c index 0f6b38b..6d9ef9a 100644 --- a/racoon.tproj/isakmp.c +++ b/racoon.tproj/isakmp.c @@ -1549,7 +1549,12 @@ isakmp_open() for (p = lcconf->myaddrs; p; p = p->next) { if (!p->addr) continue; - + + if (p->sock != -1) { + ifnum++; + continue; // socket already open + } + /* warn if wildcard address - should we forbid this? */ switch (p->addr->sa_family) { case AF_INET: @@ -1591,14 +1596,12 @@ isakmp_open() { struct sockaddr_in sin = *(struct sockaddr_in*)p->addr; - sin.sin_port = ntohs(PORT_ISAKMP_NATT); + sin.sin_port = htons(PORT_ISAKMP_NATT); p->nattsock = isakmp_setup_socket((struct sockaddr*)&sin); if (p->nattsock >= 0) - { plog(LLV_DEBUG, LOCATION, NULL, "%s used as nat-t isakmp port (fd=%d)\n", saddr2str((struct sockaddr*)&sin), p->nattsock); - } } #endif @@ -1644,6 +1647,33 @@ isakmp_close() lcconf->myaddrs = NULL; } +// close sockets for addresses that have gone away +void +isakmp_close_unused() +{ + struct myaddrs *p, *next, **prev; + + prev = &(lcconf->myaddrs); + for (p = lcconf->myaddrs; p; p = next) { + next = p->next; + if (p->addrcount == 0) { // not in use ? + + if (p->sock >= 0) + close(p->sock); + + #ifdef IKE_NAT_T + if (p->nattsock >= 0) + close(p->nattsock); + #endif + *prev = p->next; + if (p->addr) + racoon_free(p->addr); + racoon_free(p); + } else + prev = &(p->next); + } +} + int isakmp_send(iph1, sbuf) struct ph1handle *iph1; diff --git a/racoon.tproj/isakmp_var.h b/racoon.tproj/isakmp_var.h index ec78bd3..54945ae 100644 --- a/racoon.tproj/isakmp_var.h +++ b/racoon.tproj/isakmp_var.h @@ -65,6 +65,7 @@ extern int isakmp_init __P((void)); extern const char *isakmp_pindex __P((const isakmp_index *, const u_int32_t)); extern int isakmp_open __P((void)); extern void isakmp_close __P((void)); +extern void isakmp_close_unused __P((void)); extern int isakmp_send __P((struct ph1handle *, vchar_t *)); extern void isakmp_ph1resend_stub __P((void *)); diff --git a/racoon.tproj/oakley.c b/racoon.tproj/oakley.c index b2a98d7..d7e47da 100644 --- a/racoon.tproj/oakley.c +++ b/racoon.tproj/oakley.c @@ -1280,7 +1280,7 @@ oakley_validate_auth(iph1) switch (iph1->rmconf->certtype) { case ISAKMP_CERT_X509SIGN: error = eay_check_x509cert(&iph1->cert_p->cert, - lcconf->pathinfo[LC_PATHTYPE_CERT], 0); + lcconf->pathinfo[LC_PATHTYPE_CERT]); break; default: plog(LLV_ERROR, LOCATION, NULL, diff --git a/racoon.tproj/pfkey.c b/racoon.tproj/pfkey.c index fbb1f7c..4da945a 100644 --- a/racoon.tproj/pfkey.c +++ b/racoon.tproj/pfkey.c @@ -1418,7 +1418,7 @@ pk_recvexpire(mhp) /* * If the status is not equal to PHASE2ST_ESTABLISHED, * racoon ignores this expire message. There are two reason. - * One is that the phase 2 probably starts becuase there is + * One is that the phase 2 probably starts because there is * a potential that racoon receives the acquire message * without receiving a expire message. Another is that racoon * may receive the multiple expire messages from the kernel. @@ -1524,17 +1524,17 @@ pk_recvacquire(mhp) * If there is a phase 2 handler against the policy identifier in * the acquire message, and if * 1. its state is less than PHASE2ST_ESTABLISHED, then racoon - * should ignore such a acquire message becuase the phase 2 + * should ignore such a acquire message because the phase 2 * is just negotiating. * 2. its state is equal to PHASE2ST_ESTABLISHED, then racoon - * has to prcesss such a acquire message becuase racoon may + * has to prcesss such a acquire message because racoon may * lost the expire message. */ iph2[0] = getph2byspid(xpl->sadb_x_policy_id); if (iph2[0] != NULL) { if (iph2[0]->status < PHASE2ST_ESTABLISHED) { plog(LLV_DEBUG, LOCATION, NULL, - "ignore the acquire becuase ph2 found\n"); + "ignore the acquire because ph2 found\n"); return -1; } if (iph2[0]->status == PHASE2ST_EXPIRED) diff --git a/racoon.tproj/session.c b/racoon.tproj/session.c index 1c21779..ac63be3 100644 --- a/racoon.tproj/session.c +++ b/racoon.tproj/session.c @@ -57,6 +57,7 @@ #include #endif #include +#include #include "libpfkey.h" @@ -121,8 +122,7 @@ session(void) sigreq = 0; while (1) { - rfds = mask0; - + /* * asynchronous requests via signal. * make sure to reset sigreq to 0. @@ -131,7 +131,7 @@ session(void) /* scheduling */ timeout = schedular(); - + rfds = mask0; error = select(nfds, &rfds, (fd_set *)0, (fd_set *)0, timeout); if (error < 0) { switch (errno) { @@ -145,7 +145,6 @@ session(void) } /*NOTREACHED*/ } - #ifdef ENABLE_ADMINPORT if (FD_ISSET(lcconf->sock_admin, &rfds)) admin_handler(); @@ -154,6 +153,7 @@ session(void) for (p = lcconf->myaddrs; p; p = p->next) { if (!p->addr) continue; + if (FD_ISSET(p->sock, &rfds)) isakmp_handler(p->sock); #ifdef IKE_NAT_T @@ -165,11 +165,9 @@ session(void) if (FD_ISSET(lcconf->sock_pfkey, &rfds)) pfkey_handler(); - if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds)) { + if (lcconf->rtsock >= 0 && FD_ISSET(lcconf->rtsock, &rfds)) if (update_myaddrs() && lcconf->autograbaddr) sched_new(5, check_rtsock, NULL); - initfds(); - } } } @@ -185,14 +183,15 @@ close_session() exit(0); } + static void check_rtsock(p) void *p; -{ - isakmp_close(); +{ grab_myaddrs(); + isakmp_close_unused(); autoconf_myaddrsport(); - isakmp_open(); + isakmp_open(); /* initialize socket list again */ initfds(); diff --git a/rarpd.tproj/rarpd.c b/rarpd.tproj/rarpd.c index 890be78..cb3f2dd 100644 --- a/rarpd.tproj/rarpd.c +++ b/rarpd.tproj/rarpd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/extern.h b/rcp.tproj/extern.h index 706251f..3c20d43 100644 --- a/rcp.tproj/extern.h +++ b/rcp.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/pathnames.h b/rcp.tproj/pathnames.h index a93c4e6..9d207d9 100644 --- a/rcp.tproj/pathnames.h +++ b/rcp.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/rcp.c b/rcp.tproj/rcp.c index 579f328..d9cf956 100644 --- a/rcp.tproj/rcp.c +++ b/rcp.tproj/rcp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rcp.tproj/util.c b/rcp.tproj/util.c index 7ee6866..a83035c 100644 --- a/rcp.tproj/util.c +++ b/rcp.tproj/util.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/hash.c b/revnetgroup.tproj/hash.c index 9aee4bd..f54a48f 100644 --- a/revnetgroup.tproj/hash.c +++ b/revnetgroup.tproj/hash.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/hash.h b/revnetgroup.tproj/hash.h index 822c9e0..b8308f9 100644 --- a/revnetgroup.tproj/hash.h +++ b/revnetgroup.tproj/hash.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/parse_netgroup.c b/revnetgroup.tproj/parse_netgroup.c index 0d1e07a..c9dab0f 100644 --- a/revnetgroup.tproj/parse_netgroup.c +++ b/revnetgroup.tproj/parse_netgroup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/revnetgroup.tproj/revnetgroup.c b/revnetgroup.tproj/revnetgroup.c index a45db99..bc24bd7 100644 --- a/revnetgroup.tproj/revnetgroup.c +++ b/revnetgroup.tproj/revnetgroup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rexecd.tproj/rexecd.c b/rexecd.tproj/rexecd.c index ec9e009..e54cde6 100644 --- a/rexecd.tproj/rexecd.c +++ b/rexecd.tproj/rexecd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/des_rw.c b/rlogin.tproj/des_rw.c index 4e056cf..cd1729e 100644 --- a/rlogin.tproj/des_rw.c +++ b/rlogin.tproj/des_rw.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/kcmd.c b/rlogin.tproj/kcmd.c index 1482dda..0f8e6e3 100644 --- a/rlogin.tproj/kcmd.c +++ b/rlogin.tproj/kcmd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/krb.h b/rlogin.tproj/krb.h index 10b6dca..5337052 100644 --- a/rlogin.tproj/krb.h +++ b/rlogin.tproj/krb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/krcmd.c b/rlogin.tproj/krcmd.c index 8f7710e..d5cab34 100644 --- a/rlogin.tproj/krcmd.c +++ b/rlogin.tproj/krcmd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogin.tproj/rlogin.1 b/rlogin.tproj/rlogin.1 index 979658a..b0b0c51 100644 --- a/rlogin.tproj/rlogin.1 +++ b/rlogin.tproj/rlogin.1 @@ -39,15 +39,14 @@ .Nd remote login .Sh SYNOPSIS .Nm rlogin -.Op Fl 8EKLdx +.Op Fl 8ELd .Op Fl e Ar char .Op Fl k Ar realm .Op Fl l Ar username .Ar host .Nm rlogin -.Op Fl 8EKLdx +.Op Fl 8ELd .Op Fl e Ar char -.Op Fl k Ar realm .Ar username@host .Sh DESCRIPTION .Nm Rlogin @@ -55,10 +54,9 @@ starts a terminal session on a remote host .Ar host . .Pp .Nm Rlogin -first attempts to use the Kerberos authorization mechanism, described below. -If the remote host does not supporting Kerberos the standard Berkeley +first attempts to use the standard Berkeley .Pa rhosts -authorization mechanism is used. +authorization mechanism. The options are as follows: .Bl -tag -width flag .It Fl 8 @@ -75,10 +73,6 @@ option stops any character from being recognized as an escape character. When used with the .Fl 8 option, this provides a completely transparent connection. -.It Fl K -The -.Fl K -option turns off all Kerberos authentication. .It Fl L The .Fl L @@ -98,25 +92,6 @@ option allows user specification of the escape character, which is ``~'' by default. This specification may be as a literal character, or as an octal value in the form \ennn. -.It Fl k -The -.FL k -option requests rlogin to obtain tickets for the remote host -in realm -.Ar realm -instead of the remote host's realm as determined by -.Xr krb_realmofhost 3 . -.It Fl x -The -.Fl x -option turns on -.Tn DES -encryption for all data passed via the -rlogin session. -This may impact response time and -.Tn CPU -utilization, but provides -increased security. .El .Pp A line of the form ``.'' disconnects from the remote host. @@ -133,35 +108,6 @@ the is transparent. Flow control via ^S/^Q and flushing of input and output on interrupts are handled properly. -.Sh KERBEROS AUTHENTICATION -Each user may have a private authorization list in the file -.Pa .klogin -in their home directory. -Each line in this file should contain a Kerberos principal name of the -form -.Ar principal.instance@realm . -If the originating user is authenticated to one of the principals named -in -.Pa .klogin , -access is granted to the account. -The principal -.Ar accountname.@localrealm -is granted access if -there is no -.Pa .klogin -file. -Otherwise a login and password will be prompted for on the remote machine -as in -.Xr login 1 . -To avoid certain security problems, the -.Pa .klogin -file must be owned by -the remote user. -.Pp -If Kerberos authentication fails, a warning message is printed and the -standard Berkeley -.Nm rlogin -is used instead. .Sh ENVIRONMENT The following environment variable is utilized by .Nm rlogin : @@ -170,10 +116,7 @@ The following environment variable is utilized by Determines the user's terminal type. .El .Sh SEE ALSO -.Xr rsh 1 , -.Xr kerberos 3 , -.Xr krb_sendauth 3 , -.Xr krb_realmofhost 3 +.Xr rsh 1 .Sh HISTORY The .Nm rlogin diff --git a/rlogin.tproj/rlogin.c b/rlogin.tproj/rlogin.c index b819699..c03229f 100644 --- a/rlogin.tproj/rlogin.c +++ b/rlogin.tproj/rlogin.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogind.tproj/pathnames.h b/rlogind.tproj/pathnames.h index b9a57fa..23b2f3f 100644 --- a/rlogind.tproj/pathnames.h +++ b/rlogind.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rlogind.tproj/rlogind.c b/rlogind.tproj/rlogind.c index 4cb0575..8f1a346 100644 --- a/rlogind.tproj/rlogind.c +++ b/rlogind.tproj/rlogind.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/route.tproj/keywords.h b/route.tproj/keywords.h index 84e5531..0cc369f 100644 --- a/route.tproj/keywords.h +++ b/route.tproj/keywords.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/route.tproj/route.c b/route.tproj/route.c index 42d4c45..259c50f 100644 --- a/route.tproj/route.c +++ b/route.tproj/route.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/af.c b/routed.tproj/af.c index a879b6c..ae8aaeb 100644 --- a/routed.tproj/af.c +++ b/routed.tproj/af.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/af.h b/routed.tproj/af.h index 02f48b0..ed74f54 100644 --- a/routed.tproj/af.h +++ b/routed.tproj/af.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/defs.c b/routed.tproj/defs.c index 5b176bc..3cf5dd2 100644 --- a/routed.tproj/defs.c +++ b/routed.tproj/defs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/defs.h b/routed.tproj/defs.h index fad0ae1..d05e349 100644 --- a/routed.tproj/defs.h +++ b/routed.tproj/defs.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/if.c b/routed.tproj/if.c index 5235d58..7bb035f 100644 --- a/routed.tproj/if.c +++ b/routed.tproj/if.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/inet.c b/routed.tproj/inet.c index ef194a8..abdb24e 100644 --- a/routed.tproj/inet.c +++ b/routed.tproj/inet.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/input.c b/routed.tproj/input.c index d39615f..443a495 100644 --- a/routed.tproj/input.c +++ b/routed.tproj/input.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/interface.h b/routed.tproj/interface.h index 8e2df84..0f9baa1 100644 --- a/routed.tproj/interface.h +++ b/routed.tproj/interface.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/main.c b/routed.tproj/main.c index 43597a5..d1d6fac 100644 --- a/routed.tproj/main.c +++ b/routed.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/output.c b/routed.tproj/output.c index 168c320..152aba4 100644 --- a/routed.tproj/output.c +++ b/routed.tproj/output.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/pathnames.h b/routed.tproj/pathnames.h index 12482f7..4e87b53 100644 --- a/routed.tproj/pathnames.h +++ b/routed.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/startup.c b/routed.tproj/startup.c index c183ac6..9b76857 100644 --- a/routed.tproj/startup.c +++ b/routed.tproj/startup.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/table.h b/routed.tproj/table.h index 3e0246d..f21ca78 100644 --- a/routed.tproj/table.h +++ b/routed.tproj/table.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/tables.c b/routed.tproj/tables.c index f9ade65..8719d31 100644 --- a/routed.tproj/tables.c +++ b/routed.tproj/tables.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/timer.c b/routed.tproj/timer.c index cf8e3ba..dfa9436 100644 --- a/routed.tproj/timer.c +++ b/routed.tproj/timer.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/trace.c b/routed.tproj/trace.c index 8695cf9..ef31d21 100644 --- a/routed.tproj/trace.c +++ b/routed.tproj/trace.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/routed.tproj/trace.h b/routed.tproj/trace.h index aa7f753..832ad62 100644 --- a/routed.tproj/trace.h +++ b/routed.tproj/trace.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_lockd.tproj/lock_proc.c b/rpc_lockd.tproj/lock_proc.c index 1ae97ef..df949ae 100644 --- a/rpc_lockd.tproj/lock_proc.c +++ b/rpc_lockd.tproj/lock_proc.c @@ -1011,7 +1011,7 @@ nlm_unshare_3_svc(arg, rqstp) res.cookie = arg->cookie; res.sequence = 0; /* X/Open says this field is ignored? */ - res.stat = unshare(arg, rqstp); + res.stat = unshare(arg, rqstp, 0); return (&res); } @@ -1559,7 +1559,7 @@ nlm4_unshare_4_svc(arg, rqstp) res.cookie = arg->cookie; res.sequence = 0; /* X/Open says this field is ignored? */ - res.stat = unshare((nlm_shareargs*)arg, rqstp); + res.stat = unshare((nlm_shareargs*)arg, rqstp, LOCK_V4); return (&res); } diff --git a/rpc_lockd.tproj/lockd_lock.c b/rpc_lockd.tproj/lockd_lock.c index e153970..9784236 100644 --- a/rpc_lockd.tproj/lockd_lock.c +++ b/rpc_lockd.tproj/lockd_lock.c @@ -1724,7 +1724,6 @@ void clear_partialfilelock(const char *hostname) { struct file_lock *ifl, *nfl; - enum partialfilelock_status pfsret; /* Clear blocking file lock list */ clear_blockingfilelock(hostname); @@ -1738,7 +1737,7 @@ clear_partialfilelock(const char *hostname) * would mess up the iteration. Thus, a next element * must be used explicitly */ -restart: + ifl = LIST_FIRST(&nfslocklist_head); while (ifl != NULL) { @@ -1746,21 +1745,8 @@ restart: if (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0) { /* Unlock destroys ifl out from underneath */ - pfsret = unlock_partialfilelock(ifl); - if (pfsret != PFL_GRANTED) { - /* Uh oh... there was some sort of problem. */ - /* If we restart the loop, we may get */ - /* stuck here forever getting errors. */ - /* So, let's just abort the whole scan. */ - syslog(LOG_WARNING, "lock clearing for %s failed: %d", - hostname, pfsret); - break; - } + unlock_partialfilelock(ifl); /* ifl is NO LONGER VALID AT THIS POINT */ - /* Note: the unlock may deallocate several existing locks. */ - /* Therefore, we need to restart the scanning of the list, */ - /* because nfl could be pointing to a freed lock. */ - goto restart; } ifl = nfl; } @@ -2000,6 +1986,12 @@ testlock(struct nlm4_lock *lock, bool_t exclusive, int flags __unused) { struct file_lock test_fl, *conflicting_fl; + if (lock->fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + lock->fh.n_len, (int)sizeof(fhandle_t)); + return NULL; + } + bzero(&test_fl, sizeof(test_fl)); test_fl.filehandle.n_len = lock->fh.n_len; @@ -2041,6 +2033,12 @@ getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags) return (flags & LOCK_V4) ? nlm4_denied_grace_period : nlm_denied_grace_period; + if (lckarg->alock.fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + lckarg->alock.fh.n_len, (int)sizeof(fhandle_t)); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + /* allocate new file_lock for this request */ newfl = allocate_file_lock(&lckarg->alock.oh, &lckarg->alock.fh, (struct sockaddr *)svc_getcaller(rqstp->rq_xprt), @@ -2052,11 +2050,6 @@ getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags) nlm4_denied_nolocks : nlm_denied_nolocks; } - if (lckarg->alock.fh.n_len != sizeof(fhandle_t)) { - debuglog("recieved fhandle size %d, local size %d", - lckarg->alock.fh.n_len, (int)sizeof(fhandle_t)); - } - fill_file_lock(newfl, lckarg->exclusive, lckarg->alock.svid, lckarg->alock.l_offset, lckarg->alock.l_len, @@ -2098,14 +2091,20 @@ getlock(nlm4_lockargs *lckarg, struct svc_req *rqstp, const int flags) /* unlock a filehandle */ enum nlm_stats -unlock(nlm4_lock *lock, const int flags __unused) +unlock(nlm4_lock *lock, const int flags) { struct file_lock fl; enum nlm_stats err; - siglock(); - debuglog("Entering unlock...\n"); + + if (lock->fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + lock->fh.n_len, (int)sizeof(fhandle_t)); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + + siglock(); bzero(&fl,sizeof(struct file_lock)); fl.filehandle.n_len = lock->fh.n_len; @@ -2124,15 +2123,21 @@ unlock(nlm4_lock *lock, const int flags __unused) /* cancel a blocked lock request */ enum nlm_stats -cancellock(nlm4_cancargs *args, const int flags __unused) +cancellock(nlm4_cancargs *args, const int flags) { struct file_lock *ifl, *nfl; enum nlm_stats err; - siglock(); - debuglog("Entering cancellock...\n"); + if (args->alock.fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + args->alock.fh.n_len, (int)sizeof(fhandle_t)); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + + siglock(); + err = nlm_denied; /* @@ -2629,6 +2634,12 @@ getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) nlm_denied_grace_period; } + if (shrarg->share.fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + shrarg->share.fh.n_len, (int)sizeof(fhandle_t)); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + /* find file in list of share files */ LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && @@ -2745,13 +2756,19 @@ getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) /* remove a share reservation */ enum nlm_stats -unshare(nlm_shareargs *shrarg, struct svc_req *rqstp) +unshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags) { struct sharefile *shrfile; struct file_share *sh; debuglog("Entering unshare...\n"); + if (shrarg->share.fh.n_len != sizeof(fhandle_t)) { + debuglog("received fhandle size %d, local size %d", + shrarg->share.fh.n_len, (int)sizeof(fhandle_t)); + return (flags & LOCK_V4) ? nlm4_failed : nlm_denied; + } + /* find file in list of share files */ LIST_FOREACH(shrfile, &nfssharefilelist_head, sharefilelist) { if ((shrarg->share.fh.n_len == shrfile->filehandle.n_len) && @@ -2814,7 +2831,6 @@ do_free_all(const char *hostname) struct file_lock *ifl, *nfl; struct sharefile *shrfile, *nshrfile; struct file_share *ifs, *nfs; - enum partialfilelock_status pfsret; /* clear non-monitored blocking file locks */ ifl = LIST_FIRST(&blockedlocklist_head); @@ -2831,7 +2847,6 @@ do_free_all(const char *hostname) } /* clear non-monitored file locks */ -restart: ifl = LIST_FIRST(&nfslocklist_head); while (ifl != NULL) { nfl = LIST_NEXT(ifl, nfslocklist); @@ -2839,21 +2854,8 @@ restart: if (((ifl->flags & LOCK_MON) == 0) && (strncmp(hostname, ifl->client_name, SM_MAXSTRLEN) == 0)) { /* Unlock destroys ifl out from underneath */ - pfsret = unlock_partialfilelock(ifl); - if (pfsret != PFL_GRANTED) { - /* Uh oh... there was some sort of problem. */ - /* If we restart the loop, we may get */ - /* stuck here forever getting errors. */ - /* So, let's just abort the whole scan. */ - syslog(LOG_WARNING, "unmonitored lock clearing for %s failed: %d", - hostname, pfsret); - break; - } + unlock_partialfilelock(ifl); /* ifl is NO LONGER VALID AT THIS POINT */ - /* Note: the unlock may deallocate several existing locks. */ - /* Therefore, we need to restart the scanning of the list, */ - /* because nfl could be pointing to a freed lock. */ - goto restart; } ifl = nfl; diff --git a/rpc_lockd.tproj/lockd_lock.h b/rpc_lockd.tproj/lockd_lock.h index ca1aa37..d3dd12b 100644 --- a/rpc_lockd.tproj/lockd_lock.h +++ b/rpc_lockd.tproj/lockd_lock.h @@ -11,7 +11,7 @@ enum nlm_stats unlock(nlm4_lock *lock, const int flags); enum nlm_stats cancellock(nlm4_cancargs *args, const int flags); int lock_answer(int version, netobj *netcookie, nlm4_lock *lock, int flags, int result); enum nlm_stats getshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags); -enum nlm_stats unshare(nlm_shareargs *shrarg, struct svc_req *rqstp); +enum nlm_stats unshare(nlm_shareargs *shrarg, struct svc_req *rqstp, const int flags); void do_free_all(const char *hostname); void granted_failed(nlm4_res *arg); diff --git a/rpc_lockd.tproj/nlm_prot_svc.c b/rpc_lockd.tproj/nlm_prot_svc.c index c395643..3020788 100644 --- a/rpc_lockd.tproj/nlm_prot_svc.c +++ b/rpc_lockd.tproj/nlm_prot_svc.c @@ -39,7 +39,7 @@ extern int need_retry_blocked_locks; /* need to call retry_blockingfilelocklist( #ifndef lint /*static char sccsid[] = "from: @(#)nlm_prot.x 1.8 87/09/21 Copyr 1987 Sun Micro";*/ /*static char sccsid[] = "from: * @(#)nlm_prot.x 2.1 88/08/01 4.0 RPCSRC";*/ -static char rcsid[] = "$Id: nlm_prot_svc.c,v 1.4.36.1 2004/04/16 15:50:05 lindak Exp $"; +static char rcsid[] = "$Id: nlm_prot_svc.c,v 1.5 2004/03/11 23:52:19 lindak Exp $"; #endif /* not lint */ extern int _rpcpmstart; /* Started by a port monitor ? */ extern int _rpcfdtype; /* Whether Stream or Datagram ? */ diff --git a/rpc_statd.tproj/procs.c b/rpc_statd.tproj/procs.c index c564094..de0906d 100644 --- a/rpc_statd.tproj/procs.c +++ b/rpc_statd.tproj/procs.c @@ -381,33 +381,9 @@ void *sm_notify_1_svc(stat_chge *arg, struct svc_req *req __unused) hp = find_host(arg->mon_name, FALSE); if (!hp) { - /* - * Hmmm... We've never heard of this host. - * It's possible the host just didn't give us the right hostname. - * Let's try the IP address the request came from and any hostnames it has. - */ - struct sockaddr_in *claddr; - if ((claddr = svc_getcaller(req->rq_xprt))) { - struct hostent *he; - he = gethostbyaddr((char*)&claddr->sin_addr, sizeof(claddr->sin_addr), AF_INET); - if (he) { - char **np = he->h_aliases; - hp = find_host(he->h_name, FALSE); - while (!hp && *np) { - hp = find_host(*np, FALSE); - if (!hp) - np++; - } - } - if (hp) - syslog(LOG_DEBUG, "Notification from host %s found as %s", - arg->mon_name, hp->hostname); - } - if (!hp) { - /* Never heard of this host - why is it notifying us? */ - syslog(LOG_DEBUG, "Unsolicited notification from host %s", arg->mon_name); - return (&dummy); - } + /* Never heard of this host - why is it notifying us? */ + syslog(LOG_DEBUG, "Unsolicited notification from host %s", arg->mon_name); + return (&dummy); } lp = hp->monList; if (!lp) return (&dummy); /* We know this host, but have no */ @@ -422,7 +398,7 @@ void *sm_notify_1_svc(stat_chge *arg, struct svc_req *req __unused) while (lp) { - tx_arg.mon_name = hp->hostname; + tx_arg.mon_name = arg->mon_name; tx_arg.state = arg->state; memcpy(tx_arg.priv, lp->notifyData, sizeof(tx_arg.priv)); cli = clnt_create(lp->notifyHost, lp->notifyProg, lp->notifyVers, "udp"); diff --git a/rpc_yppasswdd.tproj/passwd.c b/rpc_yppasswdd.tproj/passwd.c index a5d9982..81bf739 100644 --- a/rpc_yppasswdd.tproj/passwd.c +++ b/rpc_yppasswdd.tproj/passwd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/rpc.yppasswdd.c b/rpc_yppasswdd.tproj/rpc.yppasswdd.c index 1a88517..ef2fc87 100644 --- a/rpc_yppasswdd.tproj/rpc.yppasswdd.c +++ b/rpc_yppasswdd.tproj/rpc.yppasswdd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswd.h b/rpc_yppasswdd.tproj/yppasswd.h index 5592e87..618d876 100644 --- a/rpc_yppasswdd.tproj/yppasswd.h +++ b/rpc_yppasswdd.tproj/yppasswd.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c b/rpc_yppasswdd.tproj/yppasswdd_mkpw.c index 6904c44..c835f8d 100644 --- a/rpc_yppasswdd.tproj/yppasswdd_mkpw.c +++ b/rpc_yppasswdd.tproj/yppasswdd_mkpw.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpc_yppasswdd.tproj/yppasswdd_proc.c b/rpc_yppasswdd.tproj/yppasswdd_proc.c index 2053263..710e839 100644 --- a/rpc_yppasswdd.tproj/yppasswdd_proc.c +++ b/rpc_yppasswdd.tproj/yppasswdd_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rpcinfo.tproj/rpcinfo.c b/rpcinfo.tproj/rpcinfo.c index 3315bda..5c0af78 100644 --- a/rpcinfo.tproj/rpcinfo.c +++ b/rpcinfo.tproj/rpcinfo.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rsh.tproj/rsh.1 b/rsh.tproj/rsh.1 index f535022..2144cba 100644 --- a/rsh.tproj/rsh.1 +++ b/rsh.tproj/rsh.1 @@ -40,9 +40,8 @@ .Nd remote shell .Sh SYNOPSIS .Nm -.Op Fl 46Kdnx +.Op Fl 46dn .Op Fl t Ar timeout -.Op Fl k Ar realm .Op Fl l Ar username .Ar host .Op command @@ -86,11 +85,6 @@ Redirect input from the special device (see the .Sx BUGS section of this manual page). -.It Fl x -Turn on -.Tn DES -encryption for all data exchange. -This may introduce a significant delay in response time. .It Fl t Ar timeout Allow a .Ar timeout @@ -136,9 +130,6 @@ to .Sh SEE ALSO .Xr rlogin 1 , .Xr setsockopt 2 , -.Xr kerberos 3 , -.Xr krb_realmofhost 3 , -.Xr krb_sendauth 3 , .Xr rcmd 3 , .Xr ruserok 3 , .Xr auth.conf 5 , diff --git a/rshd.tproj/rshd.c b/rshd.tproj/rshd.c index 7e8d10c..2f9085c 100644 --- a/rshd.tproj/rshd.c +++ b/rshd.tproj/rshd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ruptime.tproj/ruptime.c b/ruptime.tproj/ruptime.c index e6cb457..3a7714c 100644 --- a/ruptime.tproj/ruptime.c +++ b/ruptime.tproj/ruptime.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rwho.tproj/rwho.c b/rwho.tproj/rwho.c index 815f13a..adc1ec0 100644 --- a/rwho.tproj/rwho.c +++ b/rwho.tproj/rwho.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/rwhod.tproj/rwhod.c b/rwhod.tproj/rwhod.c index cbff644..d6411ee 100644 --- a/rwhod.tproj/rwhod.c +++ b/rwhod.tproj/rwhod.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/slattach.tproj/slattach.c b/slattach.tproj/slattach.c index 580da18..028efc7 100644 --- a/slattach.tproj/slattach.c +++ b/slattach.tproj/slattach.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/spray.tproj/spray.c b/spray.tproj/spray.c index 72d9c3e..847ac34 100644 --- a/spray.tproj/spray.c +++ b/spray.tproj/spray.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/spray.tproj/spray.x b/spray.tproj/spray.x index 5d2f883..a9ff8df 100644 --- a/spray.tproj/spray.x +++ b/spray.tproj/spray.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/stdethers.tproj/stdethers.c b/stdethers.tproj/stdethers.c index 9889d3e..4fb93da 100644 --- a/stdethers.tproj/stdethers.c +++ b/stdethers.tproj/stdethers.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/stdhosts.tproj/stdhosts.c b/stdhosts.tproj/stdhosts.c index 3406558..bccf8f3 100644 --- a/stdhosts.tproj/stdhosts.c +++ b/stdhosts.tproj/stdhosts.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/syslogd.tproj/Makefile.postamble b/syslogd.tproj/Makefile.postamble index 3dc97c4..22e0890 100644 --- a/syslogd.tproj/Makefile.postamble +++ b/syslogd.tproj/Makefile.postamble @@ -113,4 +113,6 @@ VPATH += :../wall.tproj # a rule with which to install the man page install-man-page: install -d $(DSTROOT)/usr/share/man/man5 + install -d $(DSTROOT)/usr/share/man/man8 install -c -m 444 syslog.conf.5 $(DSTROOT)/usr/share/man/man5/syslog.conf.5 + install -c -m 444 syslogd.8 $(DSTROOT)/usr/share/man/man8/syslogd.8 diff --git a/syslogd.tproj/syslogd.c b/syslogd.tproj/syslogd.c index e92625b..9c9c1d6 100644 --- a/syslogd.tproj/syslogd.c +++ b/syslogd.tproj/syslogd.c @@ -107,6 +107,11 @@ static char sccsid[] = "@(#)syslogd.c 8.3 (Berkeley) 4/4/94"; #include #include #include +#include + +#ifndef NETWORK_CHANGE_NOTIFICATION +#define NETWORK_CHANGE_NOTIFICATION "com.apple.system.config.network_change" +#endif #include "pathnames.h" #include "ttymsg.h" @@ -339,6 +344,7 @@ main(int argc, char *argv[]) sigset_t mask; pid_t ppid = 1; socklen_t len; + int nctoken = -1; bindhostname = NULL; while ((ch = getopt(argc, argv, "46ACa:b:cdf:kl:m:nop:P:suv")) != -1) @@ -451,6 +457,7 @@ main(int argc, char *argv[]) (void)sigaction(SIGCHLD, &sact, NULL); (void)signal(SIGALRM, domark); (void)signal(SIGPIPE, SIG_IGN); /* We'll catch EPIPE instead. */ + notify_register_signal(NETWORK_CHANGE_NOTIFICATION, SIGHUP, &nctoken); (void)alarm(TIMERINTVL); TAILQ_INIT(&deadq_head); @@ -1096,13 +1103,13 @@ fprintlog(struct filed *f, int flags, const char *msg) gr = getgrnam("admin"); if( gr ) fchown(f->f_file, 0, gr->gr_gid); - if (f->f_type == F_CHECKTTY) { - if (isatty(f->f_file)) { - if (strcmp(f->f_un.f_fname, ctty) == 0) - f->f_type = F_CONSOLE; - else - f->f_type = F_TTY; - } + } + if (f->f_type == F_CHECKTTY) { + if (isatty(f->f_file)) { + if (strcmp(f->f_un.f_fname, ctty) == 0) + f->f_type = F_CONSOLE; + else + f->f_type = F_TTY; } } } @@ -1168,7 +1175,7 @@ fprintlog(struct filed *f, int flags, const char *msg) /* case ENOBUFS: */ /* case ECONNREFUSED: */ default: - dprintf("removing entry\n", e); + dprintf("removing entry\n"); (void)close(f->f_file); f->f_type = F_UNUSED; break; @@ -1811,7 +1818,7 @@ cfline(const char *line, struct filed *f, const char *prog, const char *host) switch (*p) { case '@': - port = p; + port = (char *)p; p = strsep(&port, ":"); (void)strlcpy(f->f_un.f_forw.f_hname, ++p, sizeof(f->f_un.f_forw.f_hname)); @@ -1831,7 +1838,7 @@ cfline(const char *line, struct filed *f, const char *prog, const char *host) case '/': /* Delay opening files until we're ready to log to them */ f->f_file = -1; - if (strncmp(p, _PATH_DEV, sizeof(_PATH_DEV)) == 0) + if (strncmp(p, _PATH_DEV, sizeof(_PATH_DEV)-1) == 0) f->f_type = F_CHECKTTY; else f->f_type = F_FILE; diff --git a/talk.tproj/ctl.c b/talk.tproj/ctl.c index d1c016b..1817074 100644 --- a/talk.tproj/ctl.c +++ b/talk.tproj/ctl.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/ctl_transact.c b/talk.tproj/ctl_transact.c index 85474dd..c0a93b5 100644 --- a/talk.tproj/ctl_transact.c +++ b/talk.tproj/ctl_transact.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/display.c b/talk.tproj/display.c index 6a725a6..6644ec1 100644 --- a/talk.tproj/display.c +++ b/talk.tproj/display.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/get_addrs.c b/talk.tproj/get_addrs.c index ce728c5..7877eab 100644 --- a/talk.tproj/get_addrs.c +++ b/talk.tproj/get_addrs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/get_names.c b/talk.tproj/get_names.c index adf43bc..58d5e84 100644 --- a/talk.tproj/get_names.c +++ b/talk.tproj/get_names.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/init_disp.c b/talk.tproj/init_disp.c index 1332107..7def0d3 100644 --- a/talk.tproj/init_disp.c +++ b/talk.tproj/init_disp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/invite.c b/talk.tproj/invite.c index 47fbf44..d879366 100644 --- a/talk.tproj/invite.c +++ b/talk.tproj/invite.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/io.c b/talk.tproj/io.c index 7d6fd55..b32b1e1 100644 --- a/talk.tproj/io.c +++ b/talk.tproj/io.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/look_up.c b/talk.tproj/look_up.c index 3d46cb3..ea96da9 100644 --- a/talk.tproj/look_up.c +++ b/talk.tproj/look_up.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/msgs.c b/talk.tproj/msgs.c index 7e1edb1..5fc3927 100644 --- a/talk.tproj/msgs.c +++ b/talk.tproj/msgs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk.c b/talk.tproj/talk.c index 3690d01..c2145d3 100644 --- a/talk.tproj/talk.c +++ b/talk.tproj/talk.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk.h b/talk.tproj/talk.h index 2458247..5e29a54 100644 --- a/talk.tproj/talk.h +++ b/talk.tproj/talk.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talk.tproj/talk_ctl.h b/talk.tproj/talk_ctl.h index bfe8416..d73c089 100644 --- a/talk.tproj/talk_ctl.h +++ b/talk.tproj/talk_ctl.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/announce.c b/talkd.tproj/announce.c index cda84a1..4c6ee5f 100644 --- a/talkd.tproj/announce.c +++ b/talkd.tproj/announce.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/print.c b/talkd.tproj/print.c index 74f7aa8..d4222b3 100644 --- a/talkd.tproj/print.c +++ b/talkd.tproj/print.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/process.c b/talkd.tproj/process.c index c7d7b2c..d9a87a2 100644 --- a/talkd.tproj/process.c +++ b/talkd.tproj/process.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/table.c b/talkd.tproj/table.c index df3fb23..5b6ee3f 100644 --- a/talkd.tproj/table.c +++ b/talkd.tproj/table.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/talkd.c b/talkd.tproj/talkd.c index 7281351..540e17e 100644 --- a/talkd.tproj/talkd.c +++ b/talkd.tproj/talkd.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/talkd.tproj/talkd.h b/talkd.tproj/talkd.h index 9a686c5..afb5692 100644 --- a/talkd.tproj/talkd.h +++ b/talkd.tproj/talkd.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/telnet.tproj/krb4-proto.h b/telnet.tproj/krb4-proto.h index 9f3f0b0..595b654 100644 --- a/telnet.tproj/krb4-proto.h +++ b/telnet.tproj/krb4-proto.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/telnet.tproj/telnet.c b/telnet.tproj/telnet.c index 8527f13..3f4ccba 100644 --- a/telnet.tproj/telnet.c +++ b/telnet.tproj/telnet.c @@ -1324,7 +1324,6 @@ slc_check(void) } unsigned char slc_reply[128]; -unsigned char const * const slc_reply_eom = &slc_reply[sizeof(slc_reply)]; unsigned char *slc_replyp; void @@ -1340,14 +1339,6 @@ slc_start_reply(void) void slc_add_reply(unsigned char func, unsigned char flags, cc_t value) { - /* A sequence of up to 6 bytes my be written for this member of the SLC - * suboption list by this function. The end of negotiation command, - * which is written by slc_end_reply(), will require 2 additional - * bytes. Do not proceed unless there is sufficient space for these - * items. - */ - if (&slc_replyp[6+2] > slc_reply_eom) - return; if ((*slc_replyp++ = func) == IAC) *slc_replyp++ = IAC; if ((*slc_replyp++ = flags) == IAC) @@ -1532,11 +1523,11 @@ env_opt_add(unsigned char *ep) return; } vp = env_getvalue(ep); - if (opt_replyp + 2*(vp ? strlen((char *)vp) : 0) + - 2*strlen((char *)ep) + 6 > opt_replyend) + if (opt_replyp + (vp ? strlen((char *)vp) : 0) + + strlen((char *)ep) + 6 > opt_replyend) { int len; - opt_replyend += OPT_REPLY_SIZE + 2*strlen((char *)ep) + 2*(vp ? strlen((char *)vp) : 0); + opt_replyend += OPT_REPLY_SIZE; len = opt_replyend - opt_reply; opt_reply = (unsigned char *)realloc(opt_reply, len); if (opt_reply == NULL) { diff --git a/telnet.tproj/tn3270.c b/telnet.tproj/tn3270.c index 875d386..7edae66 100644 --- a/telnet.tproj/tn3270.c +++ b/telnet.tproj/tn3270.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/extern.h b/tftp.tproj/extern.h index f41b4d4..5bee6a0 100644 --- a/tftp.tproj/extern.h +++ b/tftp.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/main.c b/tftp.tproj/main.c index 7e110cc..cef16e5 100644 --- a/tftp.tproj/main.c +++ b/tftp.tproj/main.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftp.c b/tftp.tproj/tftp.c index bec2978..8e6e3f8 100644 --- a/tftp.tproj/tftp.c +++ b/tftp.tproj/tftp.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftpsubs.c b/tftp.tproj/tftpsubs.c index f63504a..38a5e1c 100644 --- a/tftp.tproj/tftpsubs.c +++ b/tftp.tproj/tftpsubs.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftp.tproj/tftpsubs.h b/tftp.tproj/tftpsubs.h index 9ecb2d2..76c0737 100644 --- a/tftp.tproj/tftpsubs.h +++ b/tftp.tproj/tftpsubs.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/tftpd.tproj/Makefile.postamble b/tftpd.tproj/Makefile.postamble index 382a280..95730dc 100644 --- a/tftpd.tproj/Makefile.postamble +++ b/tftpd.tproj/Makefile.postamble @@ -110,3 +110,7 @@ STRIPFLAGS = # derived files should go. VPATH += :../tftp.tproj + +after_install: + mkdir -p "$(DSTROOT)/usr/share/man/man8" + cp tftpd.8 "$(DSTROOT)/usr/share/man/man8/" diff --git a/tftpd.tproj/tftpd.8 b/tftpd.tproj/tftpd.8 index 76896c4..b891872 100644 --- a/tftpd.tproj/tftpd.8 +++ b/tftpd.tproj/tftpd.8 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)tftpd.8 8.1 (Berkeley) 6/4/93 -.\" $FreeBSD: src/libexec/tftpd/tftpd.8,v 1.15 2001/07/15 07:53:42 dd Exp $ +.\" $FreeBSD: src/libexec/tftpd/tftpd.8,v 1.16 2002/07/06 19:19:43 charnier Exp $ .\" .Dd September 14, 2000 .Dt TFTPD 8 @@ -45,8 +45,9 @@ .Op Fl u Ar user .Op Ar directory ... .Sh DESCRIPTION -.Nm Tftpd -is a server which supports the +The +.Nm +utility is a server which supports the Internet Trivial File Transfer Protocol .Pq Tn RFC 1350 . @@ -177,7 +178,7 @@ The user must be specified by name, not a numeric UID. .Sh HISTORY The .Nm -command appeared in +utility appeared in .Bx 4.2 ; the .Fl s diff --git a/timed.tproj/timed.tproj/acksend.c b/timed.tproj/timed.tproj/acksend.c index af1aea0..cd16920 100644 --- a/timed.tproj/timed.tproj/acksend.c +++ b/timed.tproj/timed.tproj/acksend.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/byteorder.c b/timed.tproj/timed.tproj/byteorder.c index 97bb911..849eccf 100644 --- a/timed.tproj/timed.tproj/byteorder.c +++ b/timed.tproj/timed.tproj/byteorder.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/candidate.c b/timed.tproj/timed.tproj/candidate.c index a271db5..715f9d5 100644 --- a/timed.tproj/timed.tproj/candidate.c +++ b/timed.tproj/timed.tproj/candidate.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/cksum.c b/timed.tproj/timed.tproj/cksum.c index e50e438..beda5b6 100644 --- a/timed.tproj/timed.tproj/cksum.c +++ b/timed.tproj/timed.tproj/cksum.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/correct.c b/timed.tproj/timed.tproj/correct.c index f092bca..a216abc 100644 --- a/timed.tproj/timed.tproj/correct.c +++ b/timed.tproj/timed.tproj/correct.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/extern.h b/timed.tproj/timed.tproj/extern.h index 00f9d35..fcc8457 100644 --- a/timed.tproj/timed.tproj/extern.h +++ b/timed.tproj/timed.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/globals.h b/timed.tproj/timed.tproj/globals.h index 82cfc53..7388669 100644 --- a/timed.tproj/timed.tproj/globals.h +++ b/timed.tproj/timed.tproj/globals.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/master.c b/timed.tproj/timed.tproj/master.c index ddd3215..76fb0df 100644 --- a/timed.tproj/timed.tproj/master.c +++ b/timed.tproj/timed.tproj/master.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/measure.c b/timed.tproj/timed.tproj/measure.c index 6b809b2..b193959 100644 --- a/timed.tproj/timed.tproj/measure.c +++ b/timed.tproj/timed.tproj/measure.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/networkdelta.c b/timed.tproj/timed.tproj/networkdelta.c index 51576f6..cbcf1ee 100644 --- a/timed.tproj/timed.tproj/networkdelta.c +++ b/timed.tproj/timed.tproj/networkdelta.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/pathnames.h b/timed.tproj/timed.tproj/pathnames.h index 1a3faf3..c524215 100644 --- a/timed.tproj/timed.tproj/pathnames.h +++ b/timed.tproj/timed.tproj/pathnames.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/readmsg.c b/timed.tproj/timed.tproj/readmsg.c index 88efb49..ac25ec8 100644 --- a/timed.tproj/timed.tproj/readmsg.c +++ b/timed.tproj/timed.tproj/readmsg.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/slave.c b/timed.tproj/timed.tproj/slave.c index 0b72058..293e4bc 100644 --- a/timed.tproj/timed.tproj/slave.c +++ b/timed.tproj/timed.tproj/slave.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timed.tproj/timed.c b/timed.tproj/timed.tproj/timed.c index 01fa981..95d440a 100644 --- a/timed.tproj/timed.tproj/timed.c +++ b/timed.tproj/timed.tproj/timed.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/cmds.c b/timed.tproj/timedc.tproj/cmds.c index a844190..335c76e 100644 --- a/timed.tproj/timedc.tproj/cmds.c +++ b/timed.tproj/timedc.tproj/cmds.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/cmdtab.c b/timed.tproj/timedc.tproj/cmdtab.c index 546a206..3e01d9d 100644 --- a/timed.tproj/timedc.tproj/cmdtab.c +++ b/timed.tproj/timedc.tproj/cmdtab.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/extern.h b/timed.tproj/timedc.tproj/extern.h index 22e2e29..3316c68 100644 --- a/timed.tproj/timedc.tproj/extern.h +++ b/timed.tproj/timedc.tproj/extern.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/timedc.c b/timed.tproj/timedc.tproj/timedc.c index 63e2884..f80160f 100644 --- a/timed.tproj/timedc.tproj/timedc.c +++ b/timed.tproj/timedc.tproj/timedc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/timed.tproj/timedc.tproj/timedc.h b/timed.tproj/timedc.tproj/timedc.h index 43ca72c..5faabdc 100644 --- a/timed.tproj/timedc.tproj/timedc.h +++ b/timed.tproj/timedc.tproj/timedc.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/traceroute.tproj/traceroute.c b/traceroute.tproj/traceroute.c index 1f8a5fa..0ef659f 100644 --- a/traceroute.tproj/traceroute.c +++ b/traceroute.tproj/traceroute.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/trpt.tproj/trpt.c b/trpt.tproj/trpt.c index 0f1f66a..4677cc5 100644 --- a/trpt.tproj/trpt.c +++ b/trpt.tproj/trpt.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypbind.tproj/Makefile.preamble b/ypbind.tproj/Makefile.preamble index 961ca71..d2a3a58 100644 --- a/ypbind.tproj/Makefile.preamble +++ b/ypbind.tproj/Makefile.preamble @@ -19,7 +19,7 @@ # Flags passed to compiler (in addition to -g, -O, etc) OTHER_CFLAGS = # Flags passed to ld (in addition to -ObjC, etc.) -OTHER_LDFLAGS = +OTHER_LDFLAGS = -Wl,-bind_at_load # Flags passed to libtool when building libraries OTHER_LIBTOOL_FLAGS = # For ordering named sections on NEXTSTEP (see ld(1)) diff --git a/ypbind.tproj/yp.x b/ypbind.tproj/yp.x index cf2be0c..901b12e 100644 --- a/ypbind.tproj/yp.x +++ b/ypbind.tproj/yp.x @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypbind.tproj/ypbind.c b/ypbind.tproj/ypbind.c index bad58c0..61f7b8a 100644 --- a/ypbind.tproj/ypbind.c +++ b/ypbind.tproj/ypbind.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypcat.tproj/ypcat.c b/ypcat.tproj/ypcat.c index 72e4e45..5529348 100644 --- a/ypcat.tproj/ypcat.c +++ b/ypcat.tproj/ypcat.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypinit.tproj/Makefile b/ypinit.tproj/Makefile index a82ca0b..dd7024f 100644 --- a/ypinit.tproj/Makefile +++ b/ypinit.tproj/Makefile @@ -1,7 +1,7 @@ # # RC Makefile for ypinit scripts on Rhapsody. # -# $Id: Makefile,v 1.4 2003/02/08 03:46:33 mscopp Exp $ +# $Id: Makefile,v 1.5 2003/10/31 05:04:39 lindak Exp $ # VARYP=$(DSTROOT)/private/var/yp @@ -44,5 +44,5 @@ install_binaries: install -c -m 755 ypinit.sh $(USRSBIN) -chown root.wheel $(USRSBIN)/ypinit -mkdir -p "$(DSTROOT)/usr/share/man/man8" - install -c -m 644 ypinit.8 "$(DSTROOT)/usr/share/man/man8/ypinit.sh.8" + install -c -m 644 ypinit.8 "$(DSTROOT)/usr/share/man/man8/ypinit.8" diff --git a/ypmatch.tproj/ypmatch.c b/ypmatch.tproj/ypmatch.c index 5f78260..aca45bf 100644 --- a/ypmatch.tproj/ypmatch.c +++ b/ypmatch.tproj/ypmatch.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppoll.tproj/yppoll.c b/yppoll.tproj/yppoll.c index 5f1ddc5..77f877a 100644 --- a/yppoll.tproj/yppoll.c +++ b/yppoll.tproj/yppoll.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdb.c b/yppush.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/yppush.tproj/ypdb.c +++ b/yppush.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdb.h b/yppush.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/yppush.tproj/ypdb.h +++ b/yppush.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/ypdef.h b/yppush.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/yppush.tproj/ypdef.h +++ b/yppush.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yplib_host.c b/yppush.tproj/yplib_host.c index 70b914b..275211b 100644 --- a/yppush.tproj/yplib_host.c +++ b/yppush.tproj/yplib_host.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yplib_host.h b/yppush.tproj/yplib_host.h index 038fb68..32d43cd 100644 --- a/yppush.tproj/yplib_host.h +++ b/yppush.tproj/yplib_host.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush.c b/yppush.tproj/yppush.c index 5ddd82c..3249369 100644 --- a/yppush.tproj/yppush.c +++ b/yppush.tproj/yppush.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush.h b/yppush.tproj/yppush.h index 9aa8dc5..a84ccd1 100644 --- a/yppush.tproj/yppush.h +++ b/yppush.tproj/yppush.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_err.c b/yppush.tproj/yppush_err.c index 31f74e8..9ec329d 100644 --- a/yppush.tproj/yppush_err.c +++ b/yppush.tproj/yppush_err.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_proc.c b/yppush.tproj/yppush_proc.c index 601a7cb..dec62eb 100644 --- a/yppush.tproj/yppush_proc.c +++ b/yppush.tproj/yppush_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_svc.c b/yppush.tproj/yppush_svc.c index f3c19dc..80006ae 100644 --- a/yppush.tproj/yppush_svc.c +++ b/yppush.tproj/yppush_svc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/yppush.tproj/yppush_xdr.c b/yppush.tproj/yppush_xdr.c index d8ad787..59da531 100644 --- a/yppush.tproj/yppush_xdr.c +++ b/yppush.tproj/yppush_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/acl.c b/ypserv.tproj/acl.c index 14e767f..6f0f1f5 100644 --- a/ypserv.tproj/acl.c +++ b/ypserv.tproj/acl.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/acl.h b/ypserv.tproj/acl.h index cb10663..e5bc46a 100644 --- a/ypserv.tproj/acl.h +++ b/ypserv.tproj/acl.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yp.h b/ypserv.tproj/yp.h index cfe590b..ec9b22d 100644 --- a/ypserv.tproj/yp.h +++ b/ypserv.tproj/yp.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdb.c b/ypserv.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/ypserv.tproj/ypdb.c +++ b/ypserv.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdb.h b/ypserv.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/ypserv.tproj/ypdb.h +++ b/ypserv.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypdef.h b/ypserv.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/ypserv.tproj/ypdef.h +++ b/ypserv.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yplog.c b/ypserv.tproj/yplog.c index 3460c9a..a791cc7 100644 --- a/ypserv.tproj/yplog.c +++ b/ypserv.tproj/yplog.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/yplog.h b/ypserv.tproj/yplog.h index dd9d6fb..d9a7254 100644 --- a/ypserv.tproj/yplog.h +++ b/ypserv.tproj/yplog.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv.c b/ypserv.tproj/ypserv.c index 7089884..e38c696 100644 --- a/ypserv.tproj/ypserv.c +++ b/ypserv.tproj/ypserv.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_db.c b/ypserv.tproj/ypserv_db.c index b7b6469..88c9ab5 100644 --- a/ypserv.tproj/ypserv_db.c +++ b/ypserv.tproj/ypserv_db.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_proc.c b/ypserv.tproj/ypserv_proc.c index 84accf6..1aeb533 100644 --- a/ypserv.tproj/ypserv_proc.c +++ b/ypserv.tproj/ypserv_proc.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_xdr.c b/ypserv.tproj/ypserv_xdr.c index 2e1fb2a..f7d47cf 100644 --- a/ypserv.tproj/ypserv_xdr.c +++ b/ypserv.tproj/ypserv_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypserv_xdr_v1.c b/ypserv.tproj/ypserv_xdr_v1.c index 3870f58..d77755d 100644 --- a/ypserv.tproj/ypserv_xdr_v1.c +++ b/ypserv.tproj/ypserv_xdr_v1.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypserv.tproj/ypv1.h b/ypserv.tproj/ypv1.h index d378f83..431ce33 100644 --- a/ypserv.tproj/ypv1.h +++ b/ypserv.tproj/ypv1.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypset.tproj/ypset.c b/ypset.tproj/ypset.c index cddc148..834ca8a 100644 --- a/ypset.tproj/ypset.c +++ b/ypset.tproj/ypset.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypwhich.tproj/ypwhich.c b/ypwhich.tproj/ypwhich.c index 523e1d0..9b8b736 100644 --- a/ypwhich.tproj/ypwhich.c +++ b/ypwhich.tproj/ypwhich.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdb.c b/ypxfr.tproj/ypdb.c index c9bd178..9530e42 100644 --- a/ypxfr.tproj/ypdb.c +++ b/ypxfr.tproj/ypdb.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdb.h b/ypxfr.tproj/ypdb.h index 45b0a7f..61e9547 100644 --- a/ypxfr.tproj/ypdb.h +++ b/ypxfr.tproj/ypdb.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypdef.h b/ypxfr.tproj/ypdef.h index 89970d7..ade70ef 100644 --- a/ypxfr.tproj/ypdef.h +++ b/ypxfr.tproj/ypdef.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplib_host.c b/ypxfr.tproj/yplib_host.c index 70b914b..275211b 100644 --- a/ypxfr.tproj/yplib_host.c +++ b/ypxfr.tproj/yplib_host.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplib_host.h b/ypxfr.tproj/yplib_host.h index 038fb68..32d43cd 100644 --- a/ypxfr.tproj/yplib_host.h +++ b/ypxfr.tproj/yplib_host.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplog.c b/ypxfr.tproj/yplog.c index 3460c9a..a791cc7 100644 --- a/ypxfr.tproj/yplog.c +++ b/ypxfr.tproj/yplog.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/yplog.h b/ypxfr.tproj/yplog.h index dd9d6fb..d9a7254 100644 --- a/ypxfr.tproj/yplog.h +++ b/ypxfr.tproj/yplog.h @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypxfr.c b/ypxfr.tproj/ypxfr.c index faa88bf..ee763f7 100644 --- a/ypxfr.tproj/ypxfr.c +++ b/ypxfr.tproj/ypxfr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ diff --git a/ypxfr.tproj/ypxfr_xdr.c b/ypxfr.tproj/ypxfr_xdr.c index 460addf..a7d2458 100644 --- a/ypxfr.tproj/ypxfr_xdr.c +++ b/ypxfr.tproj/ypxfr_xdr.c @@ -3,21 +3,22 @@ * * @APPLE_LICENSE_HEADER_START@ * - * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights - * Reserved. This file contains Original Code and/or Modifications of - * Original Code as defined in and that are subject to the Apple Public - * Source License Version 1.0 (the 'License'). You may not use this file - * except in compliance with the License. Please obtain a copy of the - * License at http://www.apple.com/publicsource and read it before using - * this file. + * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License." + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ -- 2.45.2