From peterjeremy@optushome.com.au  Sat Jun 21 12:11:47 2008
Return-Path: <peterjeremy@optushome.com.au>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7E6931065676
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 21 Jun 2008 12:11:47 +0000 (UTC)
	(envelope-from peterjeremy@optushome.com.au)
Received: from fallbackmx07.syd.optusnet.com.au (fallbackmx07.syd.optusnet.com.au [211.29.132.9])
	by mx1.freebsd.org (Postfix) with ESMTP id EDFD68FC2E
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 21 Jun 2008 12:11:46 +0000 (UTC)
	(envelope-from peterjeremy@optushome.com.au)
Received: from mail10.syd.optusnet.com.au (mail10.syd.optusnet.com.au [211.29.132.191])
	by fallbackmx07.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m5KLUXgk002050
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 21 Jun 2008 07:30:33 +1000
Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175])
	by mail10.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m5KLUU5O031345
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 21 Jun 2008 07:30:31 +1000
Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1])
	by server.vk2pj.dyndns.org (8.14.2/8.14.2) with ESMTP id m5KLUUIt093931;
	Sat, 21 Jun 2008 07:30:30 +1000 (EST)
	(envelope-from peter@server.vk2pj.dyndns.org)
Received: (from peter@localhost)
	by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m5KLUUjR093930;
	Sat, 21 Jun 2008 07:30:30 +1000 (EST)
	(envelope-from peter)
Message-Id: <200806202130.m5KLUUjR093930@server.vk2pj.dyndns.org>
Date: Sat, 21 Jun 2008 07:30:30 +1000 (EST)
From: Peter Jeremy <peter@rulingia.com>
Reply-To: Peter Jeremy <peter@rulingia.com>
To: FreeBSD-gnats-submit@freebsd.org
Subject: tcpdump(8) does not support pfsync(4) data
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         124825
>Category:       bin
>Synopsis:       tcpdump(8) does not support pfsync(4) data
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    glebius
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 21 12:20:03 UTC 2008
>Closed-Date:    Thu Jul 11 13:42:16 UTC 2013
>Last-Modified:  Thu Jul 11 13:42:16 UTC 2013
>Originator:     Peter Jeremy
>Release:        FreeBSD 7.0-STABLE i386
>Organization:
n/a
>Environment:
System: FreeBSD server.vk2pj.dyndns.org 7.0-STABLE FreeBSD 7.0-STABLE #18: Sun May 18 15:02:39 EST 2008 root@server.vk2pj.dyndns.org:/var/obj/k7/usr/src/sys/server i386

>Description:
	In its current form on FreeBSD, pf(4) has no mechanism to report
	state changes to the user.  This significantly increases the
	difficulty in debugging pf(4) issues.

>How-To-Repeat:
	Documented deficiency in FreeBSD (see pfsync(4) manpage)

>Fix:
	Port tcpdump's print-pfsync.c, as well as any other required
	infrastructure (eg libpcap patches) from OpenBSD.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->mlaier 
Responsible-Changed-By: grog 
Responsible-Changed-When: Sat Jun 21 23:54:53 UTC 2008 
Responsible-Changed-Why:  
Assigned to MAINTAINER 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124825 

From: Bruce Simpson <bms@incunabulum.net>
To: freebsd-gnats-submit@freebsd.org
Cc: mlaier@freebsd.org, Peter Jeremy <peterjeremy@optushome.com.au>
Subject: Re: bin/124825: tcpdump(8) does not support pfsync(4) data
Date: Fri, 24 Apr 2009 11:59:37 +0100

 Hi Peter,
 
 I don't see print-pfsync.c anywhere in tcpdump.org's tcpdump. Are you 
 sure that this doesn't originate somewhere else?
 A patch would be helpful for resolution.
 
 thanks,
 BMS

From: Peter Jeremy <peter.jeremy@alcatel-lucent.com.au>
To: Bruce Simpson <bms@incunabulum.net>
Cc: freebsd-gnats-submit@freebsd.org, mlaier@freebsd.org,
        Peter Jeremy <peterjeremy@optushome.com.au>
Subject: Re: bin/124825: tcpdump(8) does not support pfsync(4) data
Date: Fri, 1 May 2009 09:01:19 +1000

 --H+4ONPRPur6+Ovig
 Content-Type: multipart/mixed; boundary="ReaqsoxgOBHFXBhH"
 Content-Disposition: inline
 
 
 --ReaqsoxgOBHFXBhH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 Hi Bruce,
 
 Sorry for the delay.
 
 On 2009-Apr-24 11:59:37 +0100, Bruce Simpson <bms@incunabulum.net> wrote:
 >I don't see print-pfsync.c anywhere in tcpdump.org's tcpdump. Are you=20
 >sure that this doesn't originate somewhere else?
 >A patch would be helpful for resolution.
 
 As implied in the PR, pfsync support was developed by the OpenBSD
 Project.  I have attached the patches and new files I use on FreeBSD
 7.1 (I have not tried applying these patches to a recent -current).
 
 Note that I have not updated the man page.
 
 --=20
 Peter Jeremy
 
 --ReaqsoxgOBHFXBhH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename=diff
 Content-Transfer-Encoding: quoted-printable
 
 Index: contrib/libpcap/pcap.c
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/libpcap/pcap.c,v
 retrieving revision 1.1.1.11.2.1
 diff -u -r1.1.1.11.2.1 pcap.c
 --- contrib/libpcap/pcap.c	19 Oct 2007 03:03:56 -0000	1.1.1.11.2.1
 +++ contrib/libpcap/pcap.c	23 Jun 2008 02:19:59 -0000
 @@ -346,6 +346,7 @@
  	DLT_CHOICE(DLT_LINUX_SLL, "Linux cooked"),
  	DLT_CHOICE(DLT_LTALK, "Localtalk"),
  	DLT_CHOICE(DLT_PFLOG, "OpenBSD pflog file"),
 +	DLT_CHOICE(DLT_PFSYNC, "Packet filter state syncing"),
  	DLT_CHOICE(DLT_PRISM_HEADER, "802.11 plus Prism header"),
  	DLT_CHOICE(DLT_IP_OVER_FC, "RFC 2625 IP-over-Fibre Channel"),
  	DLT_CHOICE(DLT_SUNATM, "Sun raw ATM"),
 Index: contrib/tcpdump/addrtoname.c
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/addrtoname.c,v
 retrieving revision 1.15.2.1
 diff -u -r1.15.2.1 addrtoname.c
 --- contrib/tcpdump/addrtoname.c	19 Oct 2007 03:03:57 -0000	1.15.2.1
 +++ contrib/tcpdump/addrtoname.c	23 Jun 2008 04:41:02 -0000
 @@ -159,6 +159,7 @@
  struct enamemem enametable[HASHNAMESIZE];
  struct enamemem nsaptable[HASHNAMESIZE];
  struct enamemem bytestringtable[HASHNAMESIZE];
 +static const char *ipprototable[256];
 =20
  struct protoidmem {
  	u_int32_t p_oui;
 @@ -686,6 +687,12 @@
  	return (tp->name);
  }
 =20
 +const char *
 +ipproto_string(u_int proto)
 +{
 +	return ipprototable[proto & 0xff];
 +}
 +
  static void
  init_servarray(void)
  {
 @@ -717,6 +724,25 @@
  	endservent();
  }
 =20
 +static void
 +init_ipprotoarray(void)
 +{
 +	int i;
 +	char buf[sizeof("000")];
 +	struct protoent	*pr;
 +
 +	if (!nflag) {
 +		while ((pr =3D getprotoent()) !=3D NULL)
 +			ipprototable[pr->p_proto & 0xff] =3D strdup(pr->p_name);
 +		endprotoent();
 +	}
 +	for (i =3D 0; i < 256; i++)
 +		if (ipprototable[i] =3D=3D NULL) {
 +			(void)snprintf(buf, sizeof(buf), "%d", i);
 +			ipprototable[i] =3D strdup(buf);
 +		}
 +}
 +
  /* in libpcap.a (nametoaddr.c) */
  #if defined(WIN32) && !defined(USE_STATIC_LIBPCAP)
  __declspec(dllimport)
 @@ -1106,6 +1132,7 @@
  		f_localnet =3D localnet;
  		f_netmask =3D mask;
  	}
 +	init_ipprotoarray();
  	if (nflag)
  		/*
  		 * Simplest way to suppress names.
 Index: contrib/tcpdump/addrtoname.h
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/addrtoname.h,v
 retrieving revision 1.1.1.4
 diff -u -r1.1.1.4 addrtoname.h
 --- contrib/tcpdump/addrtoname.h	21 Jun 2002 00:43:21 -0000	1.1.1.4
 +++ contrib/tcpdump/addrtoname.h	23 Jun 2008 04:07:18 -0000
 @@ -28,6 +28,7 @@
  extern const char *etherproto_string(u_short);
  extern const char *tcpport_string(u_short);
  extern const char *udpport_string(u_short);
 +extern const char *ipproto_string(u_int);
  extern const char *getname(const u_char *);
  #ifdef INET6
  extern const char *getname6(const u_char *);
 Index: contrib/tcpdump/interface.h
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/interface.h,v
 retrieving revision 1.12.2.1
 diff -u -r1.12.2.1 interface.h
 --- contrib/tcpdump/interface.h	19 Oct 2007 03:03:58 -0000	1.12.2.1
 +++ contrib/tcpdump/interface.h	23 Jun 2008 03:13:20 -0000
 @@ -75,6 +75,7 @@
  #define PT_CNFP		7	/* Cisco NetFlow protocol */
  #define PT_TFTP		8	/* trivial file transfer protocol */
  #define PT_AODV		9	/* Ad-hoc On-demand Distance Vector Protocol */
 +#define	PT_VRRP		10	/* Virtual Router Redundancy protocol */
 =20
  #ifndef min
  #define min(a,b) ((a)>(b)?(b):(a))
 @@ -198,6 +199,8 @@
  extern void egp_print(const u_char *, u_int);
  extern u_int enc_if_print(const struct pcap_pkthdr *, const u_char *);
  extern u_int pflog_if_print(const struct pcap_pkthdr *, const u_char *);
 +extern u_int pfsync_if_print(const struct pcap_pkthdr *, const u_char *);
 +extern void pfsync_ip_print(const u_char *, u_int, const u_char *);
  extern u_int arcnet_if_print(const struct pcap_pkthdr *, const u_char *);
  extern u_int arcnet_linux_if_print(const struct pcap_pkthdr *, const u_cha=
 r *);
  extern void ether_print(const u_char *, u_int, u_int);
 @@ -297,6 +300,7 @@
  extern void print_data(const unsigned char *, int);
  extern void l2tp_print(const u_char *, u_int);
  extern void vrrp_print(const u_char *, u_int, int);
 +extern void carp_print(const u_char *, u_int, int);
  extern void slow_print(const u_char *, u_int);
  extern void pgm_print(const u_char *, u_int, const u_char *);
  extern void cdp_print(const u_char *, u_int, u_int);
 Index: contrib/tcpdump/print-ip.c
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/print-ip.c,v
 retrieving revision 1.14.2.1
 diff -u -r1.14.2.1 print-ip.c
 --- contrib/tcpdump/print-ip.c	19 Oct 2007 03:03:59 -0000	1.14.2.1
 +++ contrib/tcpdump/print-ip.c	23 Jun 2008 04:28:35 -0000
 @@ -514,8 +514,28 @@
  		break;
 =20
  	case IPPROTO_VRRP:
 -		vrrp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl);
 +		if (packettype =3D=3D PT_VRRP) {
 +			if (vflag)
 +				(void)printf("vrrp %s > %s: ",
 +					     ipaddr_string(&ipds->ip->ip_src),
 +					     ipaddr_string(&ipds->ip->ip_dst));
 +			vrrp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl);
 +		} else {
 +			if (vflag)
 +				(void)printf("carp %s > %s: ",
 +					     ipaddr_string(&ipds->ip->ip_src),
 +					     ipaddr_string(&ipds->ip->ip_dst));
 +			carp_print(ipds->cp, ipds->len, ipds->ip->ip_ttl);
 +		}
 +		break;
 +
 +#ifdef HAVE_NET_PFVAR_H
 +	case IPPROTO_PFSYNC:
 +		pfsync_ip_print(ipds->cp,
 +		    (int)(snapend - (u_char *)ipds->ip) - IP_HL(ipds->ip) * 4,
 +				(const u_char *)ipds->ip);
  		break;
 +#endif
 =20
  	case IPPROTO_PGM:
  		pgm_print(ipds->cp, ipds->len, (const u_char *)ipds->ip);
 Index: contrib/tcpdump/tcpdump.1
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/tcpdump.1,v
 retrieving revision 1.17.2.1
 diff -u -r1.17.2.1 tcpdump.1
 --- contrib/tcpdump/tcpdump.1	19 Oct 2007 03:04:00 -0000	1.17.2.1
 +++ contrib/tcpdump/tcpdump.1	23 Jun 2008 03:03:41 -0000
 @@ -478,6 +478,7 @@
  \fBsnmp\fR (Simple Network Management Protocol),
  \fBtftp\fR (Trivial File Transfer Protocol),
  \fBvat\fR (Visual Audio Tool),
 +\fBvrrp\fR (Virtual Router Redundancy protocol)
  and
  \fBwb\fR (distributed White Board).
  .TP
 Index: contrib/tcpdump/tcpdump.c
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/contrib/tcpdump/tcpdump.c,v
 retrieving revision 1.11.2.2
 diff -u -r1.11.2.2 tcpdump.c
 --- contrib/tcpdump/tcpdump.c	25 Nov 2007 19:28:38 -0000	1.11.2.2
 +++ contrib/tcpdump/tcpdump.c	23 Jun 2008 02:58:59 -0000
 @@ -195,6 +195,9 @@
  #if defined(DLT_PFLOG) && defined(HAVE_NET_PFVAR_H)
  	{ pflog_if_print, 	DLT_PFLOG },
  #endif
 +#if defined(DLT_PFSYNC) && defined(HAVE_NET_PFVAR_H)
 +	{ pfsync_if_print, 	DLT_PFSYNC },
 +#endif
  #ifdef DLT_FR
  	{ fr_if_print,		DLT_FR },
  #endif
 @@ -720,6 +723,8 @@
  				packettype =3D PT_TFTP;
  			else if (strcasecmp(optarg, "aodv") =3D=3D 0)
  				packettype =3D PT_AODV;
 +			else if (strcasecmp(optarg, "vrrp") =3D=3D 0)
 +				packettype =3D PT_VRRP;
  			else
  				error("unknown packet type `%s'", optarg);
  			break;
 Index: usr.sbin/tcpdump/tcpdump/Makefile
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 RCS file: /usr/ncvs/src/usr.sbin/tcpdump/tcpdump/Makefile,v
 retrieving revision 1.45.2.1
 diff -u -r1.45.2.1 Makefile
 --- usr.sbin/tcpdump/tcpdump/Makefile	19 Oct 2007 03:04:02 -0000	1.45.2.1
 +++ usr.sbin/tcpdump/tcpdump/Makefile	23 Jun 2008 03:09:37 -0000
 @@ -31,7 +31,7 @@
  	print-timed.c print-token.c print-udp.c print-vjc.c print-vrrp.c \
  	print-wb.c print-zephyr.c setsignal.c tcpdump.c util.c \
  	print-smb.c smbutil.c \
 -	version.c
 +	version.c  print-carp.c
  CLEANFILES+=3D	version.c
 =20
  CFLAGS+=3D -I${.CURDIR} -I${TCPDUMP_DISTDIR}
 @@ -57,8 +57,9 @@
  .endif
 =20
  .if ${MK_PF} !=3D "no"
 -SRCS+=3D	print-pflog.c
 -CFLAGS+=3D -DHAVE_NET_PFVAR_H
 +SRCS+=3D	print-pflog.c print-pfsync.c pf_print_state.c
 +CFLAGS+=3D -DHAVE_NET_PFVAR_H -I${.CURDIR}/../../../contrib/pf/pfctl -DFAK=
 E_PF_KERNEL
 +.PATH: ${.CURDIR}/../../../contrib/pf/pfctl
  .endif
 =20
  version.c: ${TCPDUMP_DISTDIR}/VERSION
 
 --ReaqsoxgOBHFXBhH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="pf_print_state.c"
 
 /*	$OpenBSD: pf_print_state.c,v 1.3 2005/11/04 08:24:15 mcbride Exp $	*/
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  *    - Redistributions of source code must retain the above copyright
  *      notice, this list of conditions and the following disclaimer.
  *    - Redistributions in binary form must reproduce the above
  *      copyright notice, this list of conditions and the following
  *      disclaimer in the documentation and/or other materials provided
  *      with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
  * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
  */
 
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <net/if.h>
 #define TCPSTATES
 #include <netinet/tcp_fsm.h>
 #include <net/pfvar.h>
 #include <arpa/inet.h>
 #include <netdb.h>
 
 #include <stdio.h>
 #include <string.h>
 
 #include "pfctl_parser.h"
 #include "pfctl.h"
 #include "addrtoname.h"
 
 #include <sys/endian.h>
 #define	betoh64(x)		(unsigned long long)be64toh(x)
 
 void	print_name(struct pf_addr *, sa_family_t);
 
 void
 print_addr(struct pf_addr_wrap *addr, sa_family_t af, int verbose)
 {
 	switch (addr->type) {
 	case PF_ADDR_DYNIFTL:
 		printf("(%s", addr->v.ifname);
 		if (addr->iflags & PFI_AFLAG_NETWORK)
 			printf(":network");
 		if (addr->iflags & PFI_AFLAG_BROADCAST)
 			printf(":broadcast");
 		if (addr->iflags & PFI_AFLAG_PEER)
 			printf(":peer");
 		if (addr->iflags & PFI_AFLAG_NOALIAS)
 			printf(":0");
 		if (verbose) {
 			if (addr->p.dyncnt <= 0)
 				printf(":*");
 			else
 				printf(":%d", addr->p.dyncnt);
 		}
 		printf(")");
 		break;
 	case PF_ADDR_TABLE:
 		if (verbose)
 			if (addr->p.tblcnt == -1)
 				printf("<%s:*>", addr->v.tblname);
 			else
 				printf("<%s:%d>", addr->v.tblname,
 				    addr->p.tblcnt);
 		else
 			printf("<%s>", addr->v.tblname);
 		return;
 	case PF_ADDR_ADDRMASK:
 		if (PF_AZERO(&addr->v.a.addr, AF_INET6) &&
 		    PF_AZERO(&addr->v.a.mask, AF_INET6))
 			printf("any");
 		else {
 			char buf[48];
 
 			if (inet_ntop(af, &addr->v.a.addr, buf,
 			    sizeof(buf)) == NULL)
 				printf("?");
 			else
 				printf("%s", buf);
 		}
 		break;
 	case PF_ADDR_NOROUTE:
 		printf("no-route");
 		return;
 	default:
 		printf("?");
 		return;
 	}
 	if (! PF_AZERO(&addr->v.a.mask, af)) {
 		int bits = unmask(&addr->v.a.mask, af);
 
 		if (bits != (af == AF_INET ? 32 : 128))
 			printf("/%d", bits);
 	}
 }
 
 void
 print_name(struct pf_addr *addr, sa_family_t af)
 {
 	const char *host;
 
 	switch (af) {
 	case AF_INET:
 		host = getname((const char *)&addr->v4);
 		break;
 	case AF_INET6:
 		host = getname6((const char *)&addr->v6);
 		break;
 	default:
 		host = "?";
 		break;
 	}
 	printf("%s", host);
 }
 
 void
 print_host(struct pf_state_host *h, sa_family_t af, int opts)
 {
 	u_int16_t p = ntohs(h->port);
 
 	if (opts & PF_OPT_USEDNS)
 		print_name(&h->addr, af);
 	else {
 		struct pf_addr_wrap aw;
 
 		memset(&aw, 0, sizeof(aw));
 		aw.v.a.addr = h->addr;
 		if (af == AF_INET)
 			aw.v.a.mask.addr32[0] = 0xffffffff;
 		else {
 			memset(&aw.v.a.mask, 0xff, sizeof(aw.v.a.mask));
 			af = AF_INET6;
 		}
 		print_addr(&aw, af, opts & PF_OPT_VERBOSE2);
 	}
 
 	if (p) {
 		if (af == AF_INET)
 			printf(":%u", p);
 		else
 			printf("[%u]", p);
 	}
 }
 
 void
 print_seq(struct pf_state_peer *p)
 {
 	if (p->seqdiff)
 		printf("[%u + %u](+%u)", p->seqlo, p->seqhi - p->seqlo,
 		    p->seqdiff);
 	else
 		printf("[%u + %u]", p->seqlo, p->seqhi - p->seqlo);
 }
 
 void
 print_state(struct pf_state *s, int opts)
 {
 	struct pf_state_peer *src, *dst;
 	int min, sec;
 
 	if (s->direction == PF_OUT) {
 		src = &s->src;
 		dst = &s->dst;
 	} else {
 		src = &s->dst;
 		dst = &s->src;
 	}
 	printf("%s ", s->u.ifname);
 	printf("%s ", ipproto_string(s->proto));
 	if (PF_ANEQ(&s->lan.addr, &s->gwy.addr, s->af) ||
 	    (s->lan.port != s->gwy.port)) {
 		print_host(&s->lan, s->af, opts);
 		if (s->direction == PF_OUT)
 			printf(" -> ");
 		else
 			printf(" <- ");
 	}
 	print_host(&s->gwy, s->af, opts);
 	if (s->direction == PF_OUT)
 		printf(" -> ");
 	else
 		printf(" <- ");
 	print_host(&s->ext, s->af, opts);
 
 	printf("    ");
 	if (s->proto == IPPROTO_TCP) {
 		if (src->state <= TCPS_TIME_WAIT &&
 		    dst->state <= TCPS_TIME_WAIT)
 			printf("\n   %s:%s", tcpstates[src->state],
 			    tcpstates[dst->state]);
 		else if (src->state == PF_TCPS_PROXY_SRC ||
 		    dst->state == PF_TCPS_PROXY_SRC)
 			printf("\n   PROXY:SRC");
 		else if (src->state == PF_TCPS_PROXY_DST ||
 		    dst->state == PF_TCPS_PROXY_DST)
 			printf("\n   PROXY:DST");
 		else
 			printf("\n   <BAD STATE LEVELS %u:%u>",
 			    src->state, dst->state);
 		if (opts & PF_OPT_VERBOSE) {
 			printf("\n   ");
 			print_seq(src);
 			if (src->wscale && dst->wscale)
 				printf(" wscale %u",
 				    src->wscale & PF_WSCALE_MASK);
 			printf("  ");
 			print_seq(dst);
 			if (src->wscale && dst->wscale)
 				printf(" wscale %u",
 				    dst->wscale & PF_WSCALE_MASK);
 		}
 	} else if (s->proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES &&
 	    dst->state < PFUDPS_NSTATES) {
 		const char *states[] = PFUDPS_NAMES;
 
 		printf("   %s:%s", states[src->state], states[dst->state]);
 	} else if (s->proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES &&
 	    dst->state < PFOTHERS_NSTATES) {
 		/* XXX ICMP doesn't really have state levels */
 		const char *states[] = PFOTHERS_NAMES;
 
 		printf("   %s:%s", states[src->state], states[dst->state]);
 	} else {
 		printf("   %u:%u", src->state, dst->state);
 	}
 
 	if (opts & PF_OPT_VERBOSE) {
 		sec = s->creation % 60;
 		s->creation /= 60;
 		min = s->creation % 60;
 		s->creation /= 60;
 		printf("\n   age %.2u:%.2u:%.2u", s->creation, min, sec);
 		sec = s->expire % 60;
 		s->expire /= 60;
 		min = s->expire % 60;
 		s->expire /= 60;
 		printf(", expires in %.2u:%.2u:%.2u", s->expire, min, sec);
 		printf(", %llu:%llu pkts, %llu:%llu bytes",
 		    s->packets[0], s->packets[1], s->bytes[0], s->bytes[1]);
 		if (s->anchor.nr != -1)
 			printf(", anchor %u", s->anchor.nr);
 		if (s->rule.nr != -1)
 			printf(", rule %u", s->rule.nr);
 		if (s->src_node != NULL)
 			printf(", source-track");
 		if (s->nat_src_node != NULL)
 			printf(", sticky-address");
 	}
 	if (opts & PF_OPT_VERBOSE2) {
 		printf("\n   id: %016llx creatorid: %08x",
 		    betoh64(s->id), ntohl(s->creatorid));
 	}
 }
 
 int
 unmask(struct pf_addr *m, sa_family_t af)
 {
 	int i = 31, j = 0, b = 0;
 	u_int32_t tmp;
 
 	while (j < 4 && m->addr32[j] == 0xffffffff) {
 		b += 32;
 		j++;
 	}
 	if (j < 4) {
 		tmp = ntohl(m->addr32[j]);
 		for (i = 31; tmp & (1 << i); --i)
 			b++;
 	}
 	return (b);
 }
 
 --ReaqsoxgOBHFXBhH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="print-carp.c"
 
 /*	$OpenBSD: print-carp.c,v 1.5 2007/10/07 16:41:05 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2000 William C. Fenner.
  *                All rights reserved.
  *
  * Kevin Steves <ks@hp.se> July 2000
  * Modified to:
  * - print version, type string and packet length
  * - print IP address count if > 1 (-v)
  * - verify checksum (-v)
  * - print authentication string (-v)
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that: (1) source code
  * distributions retain the above copyright notice and this paragraph
  * in its entirety, and (2) distributions including binary code include
  * the above copyright notice and this paragraph in its entirety in
  * the documentation or other materials provided with the distribution.
  * The name of William C. Fenner may not be used to endorse or
  * promote products derived from this software without specific prior
  * written permission.  THIS SOFTWARE IS PROVIDED ``AS IS'' AND
  * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
  * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  * FOR A PARTICULAR PURPOSE.
  *
  * from tcpdump.org:
  * Header: /tcpdump/master/tcpdump/print-vrrp.c,v 1.3 2000/10/10 05:05:08 guy Exp
  */
 
 #ifndef lint
 static const char rcsid[] =
     "@(#) $Id: print-carp.c,v 1.5 2007/10/07 16:41:05 deraadt Exp $";
 #endif
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 
 #include <netinet/in.h>
 
 #include "interface.h"
 #include "extract.h"
 #include "addrtoname.h"
 
 void
 carp_print(register const u_char *bp, register u_int len, int ttl)
 {
 	int version, type;
 	char *type_s;
 
 	TCHECK(bp[0]);
 	version = (bp[0] & 0xf0) >> 4;
 	type = bp[0] & 0x0f;
 	if (type == 1)
 		type_s = "advertise";
 	else
 		type_s = "unknown";
 	printf("CARPv%d-%s %d: ", version, type_s, len);
 	if (ttl != 255)
 		printf("[ttl=%d!] ", ttl);
 	if (version != 2 || type != 1)
 		return;
 	TCHECK(bp[2]);
 	TCHECK(bp[5]);
 	printf("vhid=%d advbase=%d advskew=%d demote=%d",
 	    bp[1], bp[5], bp[2], bp[4]);
 	if (vflag) {
 		if (TTEST2(bp[0], len) && in_cksum((const u_short*)bp, len, 0))
 			printf(" (bad carp cksum %x!)",
 				EXTRACT_16BITS(&bp[6]));
 	}
 	return;
 trunc:
 	printf("[|carp]");
 }
 
 --ReaqsoxgOBHFXBhH
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="print-pfsync.c"
 
 /*	$OpenBSD: print-pfsync.c,v 1.32 2007/10/07 16:41:05 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2002 Michael Shalayeff
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT,
  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
  * THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #ifndef lint
 static const char rcsid[] =
     "@(#) $Id: print-pfsync.c,v 1.32 2007/10/07 16:41:05 deraadt Exp $";
 #endif
 
 #include <sys/param.h>
 #include <sys/time.h>
 #include <sys/socket.h>
 #include <sys/file.h>
 #include <sys/ioctl.h>
 #include <sys/mbuf.h>
 
 #ifdef __STDC__
 struct rtentry;
 #endif
 #include <net/if.h>
 
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 
 #include <net/pfvar.h>
 #include <net/if_pfsync.h>
 
 #include <ctype.h>
 #include <netdb.h>
 #include <pcap.h>
 #include <signal.h>
 #include <stdio.h>
 #include <string.h>
 
 #include "interface.h"
 #include "addrtoname.h"
 #include "pfctl_parser.h"
 #include "pfctl.h"
 
 #include <sys/endian.h>
 #define	betoh64(x)		(unsigned long long)be64toh(x)
 
 const char *pfsync_acts[] = { PFSYNC_ACTIONS };
 
 void	pfsync_print(struct pfsync_header *, int);
 
 u_int
 pfsync_if_print(const struct pcap_pkthdr *h, const u_char *p)
 {
 	u_int caplen = h->caplen;
 	u_int hdrlen;
 
 	if (caplen < PFSYNC_HDRLEN) {
 		printf("[|pfsync]");
 		goto out;
 	}
 
 	pfsync_print((struct pfsync_header *)p,
 	    caplen - sizeof(struct pfsync_header));
 out:
 	return (PFSYNC_HDRLEN);
 }
 
 void
 pfsync_ip_print(const u_char *bp, u_int len, const u_char *bp2)
 {
 	struct pfsync_header *hdr = (struct pfsync_header *)bp;
 	struct ip *ip = (struct ip *)bp2;
 
 	if (vflag)
 		printf("%s > %s: ", ipaddr_string(&ip->ip_src),
 		    ipaddr_string(&ip->ip_dst));
 	else
 		printf("%s: ", ipaddr_string(&ip->ip_src));
 
 	if (len < PFSYNC_HDRLEN)
 		printf("[|pfsync]");
 	else
 		pfsync_print(hdr, (len - sizeof(struct pfsync_header)));
 	putchar('\n');
 }
 
 void
 pfsync_print(struct pfsync_header *hdr, int len)
 {
 	struct pfsync_state *s;
 	struct pfsync_state_upd *u;
 	struct pfsync_state_del *d;
 	struct pfsync_state_clr *c;
 	struct pfsync_state_upd_req *r;
 	struct pfsync_state_bus *b;
 #ifdef PFSYNC_TDB
 	struct pfsync_tdb *t;
 #endif
 	int i, flags = 0, min, sec;
 	u_int64_t id;
 
 	if (eflag)
 		printf("PFSYNCv%d count %d: ",
 		    hdr->version, hdr->count);
 
 	if (hdr->action < PFSYNC_ACT_MAX)
 		printf("%s:", pfsync_acts[hdr->action]);
 	else
 		printf("%d?:", hdr->action);
 	if (vflag)
 		flags |= PF_OPT_VERBOSE;
 	if (vflag > 1)
 		flags |= PF_OPT_VERBOSE2;
 	if (!nflag)
 		flags |= PF_OPT_USEDNS;
 
 	switch (hdr->action) {
 	case PFSYNC_ACT_CLR:
 		if (sizeof(*c) <= len) {
 			c = (void *)((char *)hdr + PFSYNC_HDRLEN);
 			printf("\n\tcreatorid: %08x", htonl(c->creatorid));
 			if (c->ifname[0] != '\0')
 				printf(" interface: %s", c->ifname);
 		}
 	case PFSYNC_ACT_INS:
 	case PFSYNC_ACT_UPD:
 	case PFSYNC_ACT_DEL:
 		for (i = 1, s = (void *)((char *)hdr + PFSYNC_HDRLEN);
 		    i <= hdr->count && i * sizeof(*s) <= len; i++, s++) {
 			struct pf_state st;
 
 			bzero(&st, sizeof(st));
 			bcopy(&s->id, &st.id, sizeof(st.id));
 
 			strlcpy(st.u.ifname, s->ifname, sizeof(st.u.ifname));
 			pf_state_host_ntoh(&s->lan, &st.lan);
 			pf_state_host_ntoh(&s->gwy, &st.gwy);
 			pf_state_host_ntoh(&s->ext, &st.ext);
 			pf_state_peer_ntoh(&s->src, &st.src);
 			pf_state_peer_ntoh(&s->dst, &st.dst);
 			st.rule.nr = ntohl(s->rule);
 			st.nat_rule.nr = ntohl(s->nat_rule);
 			st.anchor.nr = ntohl(s->anchor);
 			bcopy(&s->rt_addr, &st.rt_addr, sizeof(st.rt_addr));
 			st.creation = ntohl(s->creation);
 			st.expire = ntohl(s->expire);
 			pf_state_counter_ntoh(s->packets[0], st.packets[0]);
 			pf_state_counter_ntoh(s->packets[1], st.packets[1]);
 			pf_state_counter_ntoh(s->bytes[0], st.bytes[0]);
 			pf_state_counter_ntoh(s->bytes[1], st.bytes[1]);
 			st.creatorid = s->creatorid;
 			st.af = s->af;
 			st.proto = s->proto;
 			st.direction = s->direction;
 			st.log = s->log;
 			st.timeout = s->timeout;
 			st.allow_opts = s->allow_opts;
 			st.sync_flags = s->sync_flags;
 
 			putchar('\n');
 			print_state(&st, flags);
 			if (vflag > 1 && hdr->action == PFSYNC_ACT_UPD)
 				printf(" updates: %d", s->updates);
 		}
 		break;
 	case PFSYNC_ACT_UPD_C:
 		for (i = 1, u = (void *)((char *)hdr + PFSYNC_HDRLEN);
 		    i <= hdr->count && i * sizeof(*u) <= len; i++, u++) {
 			bcopy(&u->id, &id, sizeof(id));
 			printf("\n\tid: %016llx creatorid: %08x",
 			    betoh64(id), ntohl(u->creatorid));
 			if (vflag > 1)
 				printf(" updates: %d", u->updates);
 		}
 		break;
 	case PFSYNC_ACT_DEL_C:
 		for (i = 1, d = (void *)((char *)hdr + PFSYNC_HDRLEN);
 		    i <= hdr->count && i * sizeof(*d) <= len; i++, d++) {
 			bcopy(&d->id, &id, sizeof(id));
 			printf("\n\tid: %016llx creatorid: %08x",
 			    betoh64(id), ntohl(d->creatorid));
 		}
 		break;
 	case PFSYNC_ACT_UREQ:
 		for (i = 1, r = (void *)((char *)hdr + PFSYNC_HDRLEN);
 		    i <= hdr->count && i * sizeof(*r) <= len; i++, r++) {
 			bcopy(&r->id, &id, sizeof(id));
 			printf("\n\tid: %016llx creatorid: %08x",
 			    betoh64(id), ntohl(r->creatorid));
 		}
 		break;
 	case PFSYNC_ACT_BUS:
 		if (sizeof(*b) <= len) {
 			b = (void *)((char *)hdr + PFSYNC_HDRLEN);
 			printf("\n\tcreatorid: %08x", htonl(b->creatorid));
 			sec = b->endtime % 60;
 			b->endtime /= 60;
 			min = b->endtime % 60;
 			b->endtime /= 60;
 			printf(" age %.2u:%.2u:%.2u", b->endtime, min, sec);
 			switch (b->status) {
 			case PFSYNC_BUS_START:
 				printf(" status: start");
 				break;
 			case PFSYNC_BUS_END:
 				printf(" status: end");
 				break;
 			default:
 				printf(" status: ?");
 				break;
 			}
 		}
 		break;
 #ifdef PFSYNC_TDB
 	case PFSYNC_ACT_TDB_UPD:
 		for (i = 1, t = (void *)((char *)hdr + PFSYNC_HDRLEN);
 		    i <= hdr->count && i * sizeof(*t) <= len; i++, t++)
 			printf("\n\tspi: %08x rpl: %u cur_bytes: %llu",
 			    htonl(t->spi), htonl(t->rpl),
 			    betoh64(t->cur_bytes));
 			/* XXX add dst and sproto? */
 		break;
 #endif
 	default:
 		break;
 	}
 }
 
 --ReaqsoxgOBHFXBhH--
 
 --H+4ONPRPur6+Ovig
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.10 (FreeBSD)
 
 iEYEARECAAYFAkn6Lb8ACgkQ/opHv/APuIdeFgCgn918HkUSOnmNr3UEgS/apbVz
 MFcAn1nAt3nX+Ye9gKgPtaCgAC3dMnAD
 =X2pU
 -----END PGP SIGNATURE-----
 
 --H+4ONPRPur6+Ovig--

From: Kurt Jaeger <pi@opsec.eu>
To: bug-followup@FreeBSD.org, peterjeremy@optushome.com.au
Cc:  
Subject: Re: Re: ports/124825: tcpdump/print-pfsync feature request
 submitted to tcpdump on sourceforge
Date: Fri, 30 Dec 2011 20:22:12 +0100

 Hi!
 
 I added some pointer to your PR at:
 
 https://sourceforge.net/tracker/?func=detail&atid=469576&aid=3467532&group_id=53066
 
 -- 
 pi@opsec.eu            +49 171 3101372                         9 years to go !

From: Kurt Jaeger <pi@opsec.eu>
To: bug-followup@FreeBSD.org, peterjeremy@optushome.com.au
Cc: freebsd-net@freebsd.org
Subject: Re: ports/124825: tcpdump/print-pfsync feature request submitted to
 tcpdump on sourceforge
Date: Sun, 2 Sep 2012 18:57:00 +0200

 Hi!
 
 > I added some pointer to your PR at:
 > 
 > https://sourceforge.net/tracker/?func=detail&atid=469576&aid=3467532&group_id=53066
 
 The answer to that pointer was from 
 http://sourceforge.net/users/guy_harris/
 
 --------
 I, at least, have no plan to include anything that requires that, in order
 to build tcpdump, a -I flag that points to a header file that's internal to
 some project's source tree rather than being installed under /usr/include.
 
 Unfortunately, both packet-pfsync.c and pf_print_state.c, in both that
 patch and in OpenBSD, will build only if the include path includes the
 source directory for the pfctl command, so I'm not going to do any more
 work on this until at least one OS makes all the required include files
 public headers installed in /usr/include or a directory under that.
 --------
 
 So, if /usr/src/sbin/pfctl/Makefile would install pfctl.h and
 pfctl_parser.h into /usr/include/net, the tcpdump people would
 include print-pfsync.c.
 
 Any chance for this ?
 
 -- 
 pi@opsec.eu            +49 171 3101372                         8 years to go !

From: Kurt Jaeger <pi@opsec.eu>
To: bug-followup@FreeBSD.org, peterjeremy@optushome.com.au
Cc: freebsd-net@freebsd.org
Subject: Re: ports/124825: tcpdump/print-pfsync feature request submitted to
 tcpdump on sourceforge
Date: Sun, 2 Sep 2012 19:12:28 +0200

 Hi!
 
 So, if /usr/src/sbin/pfctl/Makefile would install pfctl.h and
 pfctl_parser.h into /usr/include/net, the tcpdump people would
 include print-pfsync.c.
 
 Any chance for this ?
 
 -- 
 pi@opsec.eu            +49 171 3101372                         8 years to go !

From: Gleb Smirnoff <glebius@FreeBSD.org>
To: Kurt Jaeger <pi@opsec.eu>
Cc: bug-followup@FreeBSD.org, peterjeremy@optushome.com.au,
        freebsd-net@FreeBSD.org
Subject: Re: ports/124825: tcpdump/print-pfsync feature request submitted to
 tcpdump on sourceforge
Date: Mon, 3 Sep 2012 15:51:57 +0400

 On Sun, Sep 02, 2012 at 06:57:00PM +0200, Kurt Jaeger wrote:
 K> > I added some pointer to your PR at:
 K> > 
 K> > https://sourceforge.net/tracker/?func=detail&atid=469576&aid=3467532&group_id=53066
 K> 
 K> The answer to that pointer was from 
 K> http://sourceforge.net/users/guy_harris/
 K> 
 K> --------
 K> I, at least, have no plan to include anything that requires that, in order
 K> to build tcpdump, a -I flag that points to a header file that's internal to
 K> some project's source tree rather than being installed under /usr/include.
 K> 
 K> Unfortunately, both packet-pfsync.c and pf_print_state.c, in both that
 K> patch and in OpenBSD, will build only if the include path includes the
 K> source directory for the pfctl command, so I'm not going to do any more
 K> work on this until at least one OS makes all the required include files
 K> public headers installed in /usr/include or a directory under that.
 K> --------
 K> 
 K> So, if /usr/src/sbin/pfctl/Makefile would install pfctl.h and
 K> pfctl_parser.h into /usr/include/net, the tcpdump people would
 K> include print-pfsync.c.
 K> 
 K> Any chance for this ?
 
 This is possible. May be in 10.0-RELEASE.
 
 -- 
 Totus tuus, Glebius.
State-Changed-From-To: open->open 
State-Changed-By: linimon 
State-Changed-When: Wed Jul 3 00:50:32 UTC 2013 
State-Changed-Why:  
commit bit has been taken in for safekeeping. 


Responsible-Changed-From-To: mlaier->freebsd-pf 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Jul 3 00:50:32 UTC 2013 
Responsible-Changed-Why:  

http://www.freebsd.org/cgi/query-pr.cgi?pr=124825 
State-Changed-From-To: open->closed 
State-Changed-By: glebius 
State-Changed-When: Thu Jul 11 13:40:12 UTC 2013 
State-Changed-Why:  
Feature added to FreeBSD 10 and FreeBSD 9. 


Responsible-Changed-From-To: freebsd-pf->glebius 
Responsible-Changed-By: glebius 
Responsible-Changed-When: Thu Jul 11 13:40:12 UTC 2013 
Responsible-Changed-Why:  
Feature added to FreeBSD 10 and FreeBSD 9. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124825 
>Unformatted:
