Committer: Diego Biurrun <diego@xxxxxxxxxx> Date: 16/04/2010 at 02:37:03 Revision: 4313 Revision-id: diego@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Branch nick: trunk Log: Remove disabled code from the rest of the firewall subdirectory. Modified: M firewall/cache.h M firewall/cache_port.c M firewall/firewall.c M firewall/firewall_control.c M firewall/firewalldb.c M firewall/user_ipsec_esp.c === modified file 'firewall/cache.h' --- firewall/cache.h 2010-03-19 09:00:54 +0000 +++ firewall/cache.h 2010-04-15 23:36:41 +0000 @@ -17,10 +17,6 @@ firewall_cache_hl_t *hip_cache_create_hl_entry(void); -//unsigned long hip_firewall_cache_hash_ip_peer(const void *ptr); - -//int hip_firewall_cache_match_ip_peer(const void *ptr1, const void *ptr2); - void hip_firewall_cache_delete_hldb(int); === modified file 'firewall/cache_port.c' --- firewall/cache_port.c 2010-04-13 15:42:49 +0000 +++ firewall/cache_port.c 2010-04-15 23:36:41 +0000 @@ -128,9 +128,6 @@ int err = 0; HIP_DEBUG("\n"); -/* - * HIP_ASSERT(ha_entry != NULL); - */ new_entry = (firewall_port_cache_hl_t *) (hip_cache_create_hl_entry()); memcpy(new_entry->port_and_protocol, key, strlen(key)); new_entry->traffic_type = value; === modified file 'firewall/firewall.c' --- firewall/firewall.c 2010-04-15 20:47:19 +0000 +++ firewall/firewall.c 2010-04-15 23:36:41 +0000 @@ -817,7 +817,6 @@ hip_perf_write_benchmark(perf_set, PERF_ALL); #endif HIP_DEBUG("Closing firewall...\n"); - //hip_uninit_proxy_db(); firewall_exit(); exit(signal); } @@ -2138,32 +2137,22 @@ check_and_create_dir("results", DEFAULT_CONFIG_DIR_MODE); /* To keep things simple, we use a subset of the performance set originally created for the HIP daemon. */ - //hip_perf_set_name(perf_set, PERF_I1_SEND, "results/PERF_I1_SEND.csv"); hip_perf_set_name(perf_set, PERF_I1, "results/PERF_I1.csv"); hip_perf_set_name(perf_set, PERF_R1, "results/PERF_R1.csv"); hip_perf_set_name(perf_set, PERF_I2, "results/PERF_I2.csv"); hip_perf_set_name(perf_set, PERF_R2, "results/PERF_R2.csv"); - //hip_perf_set_name(perf_set, PERF_DH_CREATE,"results/PERF_DH_CREATE.csv"); - //hip_perf_set_name(perf_set, PERF_SIGN,"results/PERF_SIGN.csv"); - //hip_perf_set_name(perf_set, PERF_DSA_SIGN_IMPL,"results/PERF_DSA_SIGN_IMPL.csv"); hip_perf_set_name(perf_set, PERF_VERIFY, "results/PERF_VERIFY.csv"); hip_perf_set_name(perf_set, PERF_BASE, "results/PERF_BASE.csv"); hip_perf_set_name(perf_set, PERF_ALL, "results/PERF_ALL.csv"); - //hip_perf_set_name(perf_set, PERF_UPDATE_SEND,"results/PERF_UPDATE_SEND.csv"); - //hip_perf_set_name(perf_set, PERF_VERIFY_UPDATE,"results/PERF_VERIFY_UPDATE.csv"); hip_perf_set_name(perf_set, PERF_UPDATE_COMPLETE, "results/PERF_UPDATE_COMPLETE.csv"); - //hip_perf_set_name(perf_set, PERF_HANDLE_UPDATE_ESTABLISHED,"results/PERF_HANDLE_UPDATE_ESTABLISHED.csv"); - //hip_perf_set_name(perf_set, PERF_HANDLE_UPDATE_REKEYING,"results/PERF_HANDLE_UPDATE_REKEYING.csv"); - //hip_perf_set_name(perf_set, PERF_UPDATE_FINISH_REKEYING,"results/PERF_UPDATE_FINISH_REKEYING.csv"); + hip_perf_set_name(perf_set, PERF_CLOSE_SEND, "results/PERF_CLOSE_SEND.csv"); hip_perf_set_name(perf_set, PERF_HANDLE_CLOSE, "results/PERF_HANDLE_CLOSE.csv"); hip_perf_set_name(perf_set, PERF_HANDLE_CLOSE_ACK, "results/PERF_HANDLE_CLOSE_ACK.csv"); hip_perf_set_name(perf_set, PERF_HANDLE_UPDATE_1, "results/PERF_HANDLE_UPDATE_1.csv"); - //hip_perf_set_name(perf_set, PERF_HANDLE_UPDATE_2,"results/PERF_HANDLE_UPDATE_2.csv"); hip_perf_set_name(perf_set, PERF_CLOSE_COMPLETE, "results/PERF_CLOSE_COMPLETE.csv"); hip_perf_set_name(perf_set, PERF_DSA_VERIFY_IMPL, "results/PERF_DSA_VERIFY_IMPL.csv"); hip_perf_set_name(perf_set, PERF_RSA_VERIFY_IMPL, "results/PERF_RSA_VERIFY_IMPL.csv"); - //hip_perf_set_name(perf_set, PERF_RSA_SIGN_IMPL,"results/PERF_RSA_SIGN_IMPL.csv"); HIP_DEBUG("Opening perf set\n"); hip_perf_open(perf_set); === modified file 'firewall/firewall_control.c' --- firewall/firewall_control.c 2010-04-13 16:39:45 +0000 +++ firewall/firewall_control.c 2010-04-15 23:36:41 +0000 @@ -141,19 +141,6 @@ HIP_ERROR("Proxy update Failed!\n"); } -#if 0 - if (hip_proxy_conn_add_entry(&local_addr, - &peer_addr, - proxy_hit, - &peer_hit, - protocol, - port_client, - port_peer, - HIP_PROXY_TRANSLATE)) { - HIP_ERROR("ConnDB add entry Failed!\n"); - } -#endif - /* Drop packet. Firewall translates further retransmissions correctly */ err = 0; } @@ -240,8 +227,6 @@ } break; case HIP_MSG_TURN_INFO: - // struct hip_turn_info *turn = hip_get_param_contents(HIP_PARAM_TURN_INFO); - // save to database break; case HIP_MSG_RESET_FIREWALL_DB: hip_firewall_cache_delete_hldb(0); === modified file 'firewall/firewalldb.c' --- firewall/firewalldb.c 2010-04-15 20:47:19 +0000 +++ firewall/firewalldb.c 2010-04-15 23:36:41 +0000 @@ -744,7 +744,7 @@ sent, (len + sizeof(struct ip))); HIP_DEBUG("Packet sent ok\n"); } - } //if !is_ipv6 + } out_err: if (is_ipv6) { === modified file 'firewall/user_ipsec_esp.c' --- firewall/user_ipsec_esp.c 2010-04-13 10:57:54 +0000 +++ firewall/user_ipsec_esp.c 2010-04-15 23:36:41 +0000 @@ -613,7 +613,6 @@ in, elen, hmac_md, &hmac_md_len); // actual auth verification - //if (memcmp(&in[elen], hmac_md, hmac_md_len) != 0) if (memcmp(&in[elen], hmac_md, alen) != 0) { HIP_DEBUG("ESP packet could not be authenticated\n");