git: pf: Update packet filter to the version that comes with Ope
commit 70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7
Author: Jan Lentfer <Jan.Lentfer@web.de>
Date: Sun Aug 8 09:44:38 2010 +0200
pf: Update packet filter to the version that comes with OpenBSD 4.1
The original OpenBSD 4.1 defaults to "keep state flags S/SA" for
all pass rules. In contrast to that we default to "no state". As
in earlier verions of pf in DragonFly the default keep-state
policy can still be set with the keep-policy option (e.g. "set
keep-policy keep state (pickups)").
DragonFly additions to pf have been kept: fairq support,
pickups.
Detailed Info on changes/additions:
* ALTQ: Fix altq to work with pf_mtag
Patch by Matthew Dillon
* libkern: Revert commit e104539
strchr was added to libkern.h together with strrch
* net/if.h: add interface groups
Imported from FreeBSD.
* netinet6/in6.h: add macros
IN6_IS_ADDR_MC_INTFACELOCAL
IN6_IS_SCOPE_EMBED
PV6_ADDR_SCOPE_INTFACELOCAL
* sys/libkern.h: Add strchr and strrchr as inline functions
Brought in from FreeBSD
* sys/net/if_var.h: Import interface groups
Import interface groups and event handlers from FreeBSD
* sys/net/if_var.h: add if_pf_kif, if_groups to struct ifnet
obtained from: Open/FreeBSD
* net/if_types.h: add IFT_ENC to non-IATA-assignments
obtained from Open/FreeBSD
* net/bpf.c: add bpf_mtap_hdr from OpenBSD
Con up a minimal dummy header to pacify bpf. Allocate
(only) a struct m_hdr on the stack.
Summary of changes:
include/string.h | 2 +
share/man/man4/pf.4 | 992 +++++++++++-------
share/man/man4/pflog.4 | 23 +-
share/man/man4/pfsync.4 | 56 +-
sys/conf/files | 1 -
sys/libkern/strchr.c | 45 -
sys/net/altq/altq_cbq.c | 6 +-
sys/net/altq/altq_fairq.c | 19 +-
sys/net/altq/altq_hfsc.c | 5 +-
sys/net/altq/altq_priq.c | 5 +-
sys/net/altq/altq_red.c | 8 +-
sys/net/altq/altq_subr.c | 12 +
sys/net/altq/altq_var.h | 2 +
sys/net/bpf.c | 22 +
sys/net/bpf.h | 1 +
sys/net/if.h | 30 +
sys/net/if_types.h | 1 +
sys/net/if_var.h | 35 +
sys/net/pf/Makefile | 2 +-
sys/net/pf/if_pflog.c | 169 ++--
sys/net/pf/if_pflog.h | 24 +-
sys/net/pf/if_pfsync.c | 1023 +++++++++++++------
sys/net/pf/if_pfsync.h | 148 ++-
sys/net/pf/pf.c | 2237 +++++++++++++++++++++++++++------------
sys/net/pf/pf_if.c | 743 ++++++--------
sys/net/pf/pf_ioctl.c | 1414 ++++++++++++++-----------
sys/net/pf/pf_norm.c | 532 ++++++++--
sys/net/pf/pf_osfp.c | 103 ++-
sys/net/pf/pf_ruleset.c | 419 ++++++++
sys/net/pf/pf_subr.c | 108 ++-
sys/net/pf/pf_table.c | 243 +++--
sys/net/pf/pfvar.h | 526 +++++++---
sys/netinet6/in6.h | 10 +
sys/sys/libkern.h | 13 +-
sys/sys/mbuf.h | 14 +-
sys/sys/sockio.h | 2 +
usr.sbin/authpf/Makefile | 6 +-
usr.sbin/authpf/authpf.c | 469 ++++-----
usr.sbin/authpf/pathnames.h | 1 +
usr.sbin/pfctl/Makefile | 7 +-
usr.sbin/pfctl/parse.y | 1122 ++++++++++++++------
usr.sbin/pfctl/pf.conf.5 | 1250 ++++++++++++++--------
usr.sbin/pfctl/pf.os.5 | 35 +-
usr.sbin/pfctl/pf_print_state.c | 55 +-
usr.sbin/pfctl/pfctl.8 | 376 +++++--
usr.sbin/pfctl/pfctl.c | 1452 ++++++++++++++++++--------
usr.sbin/pfctl/pfctl.h | 23 +-
usr.sbin/pfctl/pfctl_altq.c | 99 +-
usr.sbin/pfctl/pfctl_optimize.c | 1645 ++++++++++++++++++++++++++++
usr.sbin/pfctl/pfctl_osfp.c | 33 +-
usr.sbin/pfctl/pfctl_parser.c | 301 ++++--
usr.sbin/pfctl/pfctl_parser.h | 80 ++-
usr.sbin/pfctl/pfctl_qstats.c | 3 +-
usr.sbin/pfctl/pfctl_radix.c | 48 +-
usr.sbin/pfctl/pfctl_table.c | 129 ++-
55 files changed, 11267 insertions(+), 4862 deletions(-)
delete mode 100644 sys/libkern/strchr.c
create mode 100644 sys/net/pf/pf_ruleset.c
create mode 100644 usr.sbin/pfctl/pfctl_optimize.c
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70224baa0d7c2fcfc9b51076bdc46f77a8e1e2a7
--
DragonFly BSD source repository