History log of /openbsd-current/sbin/pfctl/pfctl_osfp.c
Revision Date Author Comments
# 1.27 15-Jan-2020 sashan

Enable pfctl(8) to recursively flush rules and tables from PF driver. The
recursive operation ("pfctl -a '*' ...") works for '-s' option already. This
change enables the same thing for '-F' option, so "pfctl -a '*' -Fa" will flush
everything from PF driver.

The idea was discussed with many on tech@ in spring 2019.

OK kn@


Revision tags: OPENBSD_6_6_BASE
# 1.26 28-Jun-2019 deraadt

When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.


Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
# 1.25 28-May-2017 akfaew

print_ioctl() is unused if not debugging. Found with clang, after
marking the function "static". Use OSFP_DEBUG, in a similar
fashion to OPT_DEBUG (pfctl_optimize.c).

OK bluhm@


# 1.24 27-May-2017 akfaew

Move includes.

This reduces the diff with usr.sbin/tcpdump/pfctl_osfp.c. The change
from tcpdump is newer, so change pfctl. No binary change.

OK deraadt@


Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
# 1.23 10-Dec-2015 mmcc

Remove NULL-checks before free(). ok tb@


Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
# 1.22 21-Jan-2015 deraadt

Include <netinet/in.h> before <net/pfvar.h>. In a future change when
ports is ready, <net/pfvar.h> will stop including a pile of baloney.


# 1.21 16-Jan-2015 deraadt

Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)


# 1.20 25-Oct-2014 lteo

Remove unnecessary netinet/in_systm.h include.

ok millert@


Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
# 1.19 22-Nov-2013 deraadt

Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert


Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
# 1.18 18-Oct-2010 deraadt

Revert non-compatible and undocumented bullshit committed by 3 developers
who decided to just do it on their own. henning, mcbride, jsing -- shame
on you -- if you had shown this diff to just 1 other network developer,
the astounding mistake in it would have been noticed. Start practicing
inclusionary development instead of going alone.
ok claudio


# 1.17 17-Oct-2010 jsing

Add quirks support to operating system fingerprinting. tcpdump part
by mcbride@.

ok mcbride@ henning@


Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
# 1.16 24-Dec-2009 sobrado

spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h
as neither arrayified nor arrayfied exist -- sanctioned dictionaries
like Merriam-Webster ones suggest a few alternatives (e.g., arrayed),
however these made up words are easy to understand and we are not
certain that current ones are not ok.

ok jmc@


Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
# 1.15 13-Dec-2006 itojun

IPv6 passive OS fingerprinting.
reuses IPv4 signature file (assuming that TCP code is shared among IPv4/v6).
mcbride ok.


Revision tags: OPENBSD_4_0_BASE
# 1.14 08-Apr-2006 ray

Plug simple memory leak. ``Don't forget to free tcpopts when you
are done.''

From NetBSD from Coverity CID 2057.

OK henning@ and jaredy@


Revision tags: OPENBSD_3_9_BASE
# 1.13 12-Nov-2005 deraadt

return; at end of function is dorky


Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
# 1.12 17-Feb-2005 aaron

Fix indentation so as not to mislead the code reader. No functional change.


# 1.11 29-Dec-2004 mcbride

Make sure that fingerprint_count gets reset to 0 correctly when we flush
our list of fingerprints.

ok dhartmei@ henning@ frantzen@


# 1.10 19-Dec-2004 deraadt

use strchr instead of index


Revision tags: OPENBSD_3_6_BASE
# 1.9 09-Apr-2004 cedric

Do not try to load directories. found+ok mpech@


Revision tags: OPENBSD_3_5_BASE
# 1.8 27-Feb-2004 henning

make pfctl -s all a bit more useful again by not printing a lllooooooottttt of
OS fingerprints and a list of interface drivers...
cedric deraadt ok


# 1.7 10-Feb-2004 dhartmei

KNF


# 1.6 10-Feb-2004 henning

KNF


# 1.5 29-Jan-2004 mcbride

Clean up 'pfctl -s all' output.

ok deraadt@ henning@


Revision tags: OPENBSD_3_4_BASE
# 1.4 27-Aug-2003 frantzen

kill dangling 'else'. fixes modulus in W and M TCP options


# 1.3 22-Aug-2003 david

pf spelling police
ok dhartmei@ jmc@


# 1.2 22-Aug-2003 henning

KNF


# 1.1 21-Aug-2003 frantzen

Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF.
Exposes the source IP's operating system to the filter language.
Interesting policy decisions are now enforceable:
. block proto tcp from any os SCO
. block proto tcp from any os Windows to any port smtp
. rdr ... from any os "Windows 98" to port WWW -> 127.0.0.1 port 8001