| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible for the capture buffer to be smaller than indicated by the
header length. However, pfsync_print() only took the header length into
account. As a result we could read outside of the buffer.
Check that we have at least the expected amount of data before we start
parsing.
PR: 278034
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D44580
|
|
|
|
|
|
|
|
| |
Fixes: ee67461e (tpcdump: Update to 4.99.4)
Reported by: glebius
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40578
|
|
|
|
|
|
|
|
|
|
|
|
| |
Local changes:
- Update some local modifications to fix build
- Synch config.h with upstream as much as possible
Changelog: https://git.tcpdump.org/tcpdump/blob/55bc126b0216cfe409b8d6bd378f65679d136ddf:/CHANGES
Reviewed by: emaste
Obtained from: https://www.tcpdump.org/release/tcpdump-4.99.4.tar.gz
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make struct pfsync_state contents configurable by sending out new
versions of the structure in separate subheader actions. Both old and
new version of struct pfsync_state can be understood, so replication of
states from a system running an older kernel is possible. The version
being sent out is configured using ifconfig pfsync0 … version XXXX. The
version is an user-friendly string - 1301 stands for FreeBSD 13.1 (I
have checked synchronization against a host running 13.1), 1400 stands
for 14.0.
A host running an older kernel will just ignore the messages and count
them as "packets discarded for bad action".
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D39392
|
|
|
|
|
|
|
| |
Reviewed by: kp, scottl
Obtained from: pfsense
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31153
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It fixes many buffer overflow in different protocol parsers, but none of
them are critical, even in absense of Capsicum.
Security: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925
Security: CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929
Security: CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933
Security: CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937
Security: CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973
Security: CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984
Security: CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993
Security: CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203
Security: CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342
Security: CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485
Security: CVE-2017-5486
Notes:
svn path=/head/; revision=313048
|
|
|
|
|
|
|
|
|
|
|
| |
Convert the pfsync dissector to use the netdissect framework.
Differential Revision: https://reviews.freebsd.org/D2359
Reviewed by: glebius
Sponsored by: DARPA, AFRL
Notes:
svn path=/head/; revision=281938
|
|
|
|
|
|
|
| |
MFC after: 1 month
Notes:
svn path=/head/; revision=276788
|
|
doesn't mean supporting IFT_PFSYNC (which I hope will eventually
die). This means decoding packets with IP protocol of 240 caught
on any normal interface like Ethernet.
The code is based on couple of files from OpenBSD, significantly
modified by myself.
Parser differentiates for four levels of verbosity: no -v, -v,
-vv and -vvv.
We don't yet forward this code upstream, because currently it
strongly relies on if_pfsync.h and even on pfvar.h. I hope that
this can be fixed in future.
Reviewed by: gnn, delphij
Notes:
svn path=/head/; revision=241221
|