8ec31c64b3
set_filters() interface introduced by Pkgsrc, but generate errors if the outbound filters are defined. Compile tested only (but it does at least compile!), on Linux with /usr/include/pcap-bpf.h. No functional change on systems that previously successfully built.
59 lines
2 KiB
Text
59 lines
2 KiB
Text
$NetBSD: patch-bq,v 1.1 2009/09/07 04:08:54 dsainty Exp $
|
|
|
|
Linux doesn't support direction-specific filters. Conform to the new
|
|
set_filters() interface, but generate errors if the outbound filters are
|
|
defined.
|
|
|
|
--- pppd/sys-linux.c.orig 2009-09-07 15:42:24.000000000 +1200
|
|
+++ pppd/sys-linux.c 2009-09-07 15:50:01.000000000 +1200
|
|
@@ -1293,23 +1293,38 @@
|
|
/*
|
|
* set_filters - set the active and pass filters in the kernel driver.
|
|
*/
|
|
-int set_filters(struct bpf_program *pass, struct bpf_program *active)
|
|
+int set_filters(struct bpf_program *pass_in, struct bpf_program *pass_out,
|
|
+ struct bpf_program *active_in, struct bpf_program *active_out)
|
|
{
|
|
struct sock_fprog fp;
|
|
|
|
- fp.len = pass->bf_len;
|
|
- fp.filter = (struct sock_filter *) pass->bf_insns;
|
|
- if (ioctl(ppp_dev_fd, PPPIOCSPASS, &fp) < 0) {
|
|
- if (errno == ENOTTY)
|
|
- warn("kernel does not support PPP filtering");
|
|
- else
|
|
- error("Couldn't set pass-filter in kernel: %m");
|
|
+ if (pass_in->bf_len > 0) {
|
|
+ fp.len = pass_in->bf_len;
|
|
+ fp.filter = (struct sock_filter *) pass_in->bf_insns;
|
|
+ if (ioctl(ppp_dev_fd, PPPIOCSPASS, &fp) < 0) {
|
|
+ if (errno == ENOTTY)
|
|
+ warn("kernel does not support PPP filtering");
|
|
+ else
|
|
+ error("Couldn't set pass-filter in kernel: %m");
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+ if (pass_out->bf_len > 0) {
|
|
+ error("Linux doesn't support pass-filter-out, "
|
|
+ "use pass-filter-in for both directions.");
|
|
return 0;
|
|
}
|
|
- fp.len = active->bf_len;
|
|
- fp.filter = (struct sock_filter *) active->bf_insns;
|
|
- if (ioctl(ppp_dev_fd, PPPIOCSACTIVE, &fp) < 0) {
|
|
- error("Couldn't set active-filter in kernel: %m");
|
|
+ if (active_in->bf_len > 0) {
|
|
+ fp.len = active_in->bf_len;
|
|
+ fp.filter = (struct sock_filter *) active_in->bf_insns;
|
|
+ if (ioctl(ppp_dev_fd, PPPIOCSACTIVE, &fp) < 0) {
|
|
+ error("Couldn't set active-filter in kernel: %m");
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
+ if (active_out->bf_len > 0) {
|
|
+ error("Linux doesn't support active-filter-out, "
|
|
+ "use active-filter-in for both directions.");
|
|
return 0;
|
|
}
|
|
return 1;
|