git: pf: Update packet filter to the version that comes with OpenBSD 4.1

Jan Lentfer lentferj at crater.dragonflybsd.org
Sun Aug 8 12:32:17 PDT 2010


commit 70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7
Author: Jan Lentfer <Jan.Lentfer at web.de>
Date:   Sun Aug 8 09:44:38 2010 +0200

    pf: Update packet filter to the version that comes with OpenBSD 4.1
    
        The original OpenBSD 4.1 defaults to "keep state flags S/SA" for
        all pass rules. In contrast to that we default to "no state". As
        in earlier verions of pf in DragonFly the default keep-state
        policy can still be set with the keep-policy option (e.g. "set
        keep-policy keep state (pickups)").
    
        DragonFly additions to pf have been kept: fairq support,
        pickups.
    
    	Detailed Info on changes/additions:
    	* ALTQ: Fix altq to work with pf_mtag
    		Patch by Matthew Dillon
    	* libkern: Revert commit e104539
    		strchr was added to libkern.h together with strrch
    	* net/if.h: add interface groups
    		Imported from FreeBSD.
    	* netinet6/in6.h: add macros
    		IN6_IS_ADDR_MC_INTFACELOCAL
    		IN6_IS_SCOPE_EMBED
    		PV6_ADDR_SCOPE_INTFACELOCAL
    	* sys/libkern.h: Add strchr and strrchr as inline functions
    		Brought in from FreeBSD
    	* sys/net/if_var.h: Import interface groups
    		Import interface groups and event handlers from FreeBSD
    	* sys/net/if_var.h: add if_pf_kif, if_groups to struct ifnet
    		obtained from: Open/FreeBSD
    	* net/if_types.h: add IFT_ENC to non-IATA-assignments
    		obtained from Open/FreeBSD
    	* net/bpf.c: add bpf_mtap_hdr from OpenBSD
    		Con up a minimal dummy header to pacify bpf.  Allocate
    		(only) a struct m_hdr on the stack.

Summary of changes:
 include/string.h                |    2 +
 share/man/man4/pf.4             |  992 +++++++++++-------
 share/man/man4/pflog.4          |   23 +-
 share/man/man4/pfsync.4         |   56 +-
 sys/conf/files                  |    1 -
 sys/libkern/strchr.c            |   45 -
 sys/net/altq/altq_cbq.c         |    6 +-
 sys/net/altq/altq_fairq.c       |   19 +-
 sys/net/altq/altq_hfsc.c        |    5 +-
 sys/net/altq/altq_priq.c        |    5 +-
 sys/net/altq/altq_red.c         |    8 +-
 sys/net/altq/altq_subr.c        |   12 +
 sys/net/altq/altq_var.h         |    2 +
 sys/net/bpf.c                   |   22 +
 sys/net/bpf.h                   |    1 +
 sys/net/if.h                    |   30 +
 sys/net/if_types.h              |    1 +
 sys/net/if_var.h                |   35 +
 sys/net/pf/Makefile             |    2 +-
 sys/net/pf/if_pflog.c           |  169 ++--
 sys/net/pf/if_pflog.h           |   24 +-
 sys/net/pf/if_pfsync.c          | 1023 +++++++++++++------
 sys/net/pf/if_pfsync.h          |  148 ++-
 sys/net/pf/pf.c                 | 2237 +++++++++++++++++++++++++++------------
 sys/net/pf/pf_if.c              |  743 ++++++--------
 sys/net/pf/pf_ioctl.c           | 1414 ++++++++++++++-----------
 sys/net/pf/pf_norm.c            |  532 ++++++++--
 sys/net/pf/pf_osfp.c            |  103 ++-
 sys/net/pf/pf_ruleset.c         |  419 ++++++++
 sys/net/pf/pf_subr.c            |  108 ++-
 sys/net/pf/pf_table.c           |  243 +++--
 sys/net/pf/pfvar.h              |  526 +++++++---
 sys/netinet6/in6.h              |   10 +
 sys/sys/libkern.h               |   13 +-
 sys/sys/mbuf.h                  |   14 +-
 sys/sys/sockio.h                |    2 +
 usr.sbin/authpf/Makefile        |    6 +-
 usr.sbin/authpf/authpf.c        |  469 ++++-----
 usr.sbin/authpf/pathnames.h     |    1 +
 usr.sbin/pfctl/Makefile         |    7 +-
 usr.sbin/pfctl/parse.y          | 1122 ++++++++++++++------
 usr.sbin/pfctl/pf.conf.5        | 1250 ++++++++++++++--------
 usr.sbin/pfctl/pf.os.5          |   35 +-
 usr.sbin/pfctl/pf_print_state.c |   55 +-
 usr.sbin/pfctl/pfctl.8          |  376 +++++--
 usr.sbin/pfctl/pfctl.c          | 1452 ++++++++++++++++++--------
 usr.sbin/pfctl/pfctl.h          |   23 +-
 usr.sbin/pfctl/pfctl_altq.c     |   99 +-
 usr.sbin/pfctl/pfctl_optimize.c | 1645 ++++++++++++++++++++++++++++
 usr.sbin/pfctl/pfctl_osfp.c     |   33 +-
 usr.sbin/pfctl/pfctl_parser.c   |  301 ++++--
 usr.sbin/pfctl/pfctl_parser.h   |   80 ++-
 usr.sbin/pfctl/pfctl_qstats.c   |    3 +-
 usr.sbin/pfctl/pfctl_radix.c    |   48 +-
 usr.sbin/pfctl/pfctl_table.c    |  129 ++-
 55 files changed, 11267 insertions(+), 4862 deletions(-)
 delete mode 100644 sys/libkern/strchr.c
 create mode 100644 sys/net/pf/pf_ruleset.c
 create mode 100644 usr.sbin/pfctl/pfctl_optimize.c

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7


-- 
DragonFly BSD source repository





More information about the Commits mailing list