Commit Graph

27 Commits

Author SHA1 Message Date
Robert Watson
460b3e8f1d Replace an OpenBSDism with a FreeBSDism in the pfctl(8) man page: we put
configuration file man pages in section 5, and we prefer rc.conf to
rc.conf.local.

MFC after:	3 days
2012-01-05 23:11:05 +00:00
Bjoern A. Zeeb
e0bfbfce79 Update packet filter (pf) code to OpenBSD 4.5.
You need to update userland (world and ports) tools
to be in sync with the kernel.

Submitted by:	mlaier
Submitted by:	eri
2011-06-28 11:57:25 +00:00
Bjoern A. Zeeb
38a253506a Add a new option -P to suppress getservbyport(3) calls when printing rules.
This allows one to force consistent printing of numeric port numbers like
we do with -n for other tools like netstat (just that -n was already taken)
rather than the service names.

-P is currently unused in OpenBSD so the change is eligible for upstreaming.

PR:		misc/151015
Submitted by:	Matt Koivisto (mkoivisto sandvine.com)
Sponsored by:	Sandvine Incorporated
MFC after:	1 week
2011-06-13 20:11:28 +00:00
Xin LI
dcc2b1ff46 Adapt OpenBSD pf's "sloopy" TCP state machine which is useful for Direct
Server Return mode, where not all packets would be visible to the load
balancer or gateway.

This commit should be reverted when we merge future pf versions.  The
benefit it would provide is that this version does not break any existing
public interface and thus won't be a problem if we want to MFC it to
earlier FreeBSD releases.

Discussed with:	mlaier
Obtained from:	OpenBSD
Sponsored by:	iXsystems, Inc.
MFC after:	1 month
2009-12-24 00:43:44 +00:00
Max Laier
551100331f Flatten out the pf userland vendor area 2008-12-10 19:31:42 +00:00
Julian Elischer
30ab20975f Max's changes got left out of the MRT commit. 2008-05-09 23:53:01 +00:00
Max Laier
4239d24b98 Make ALTQ cope with disappearing interfaces (particularly common with mpd
and netgraph in gernal).  This also allows to add queues for an interface
that is not yet existing (you have to provide the bandwidth for the
interface, however).

PR:		kern/106400, kern/117827
MFC after:	2 weeks
2008-03-29 00:24:36 +00:00
Max Laier
5ee7cd2107 Commit resolved import of OpenBSD 4.1 pf userland from perforce.
Approved by:	re (kensmith)
2007-07-03 12:30:03 +00:00
Max Laier
67ecd4f3a4 Import pf userland from OpenBSD 4.1 and (for ftp-proxy) libevent 1.3b as
a local lib.
2007-07-03 12:22:02 +00:00
Max Laier
fc515400ab This commit was generated by cvs2svn to compensate for changes in r171169,
which included commits to RCS files with non-trunk default branches.
2007-07-03 12:22:02 +00:00
Max Laier
e3ae39ac24 From OpenBSD, rev. 1.91:
fix servicecurve check; no point in checking the same sc three times, it
  was obviously intended to check all three. has been wrong since the
  beginning, 4 years... noticed by Earl Lapus <earl.lapus@gmail.com>, Vasil
  Dimov <vd@FreeBSD.org> mailed me then, ok mcbride

MFC after:	3 days
2006-11-30 18:55:36 +00:00
Christian Brueffer
f0ea72a038 - Remove MLINKS to nonexistant manpages
- Change some section numbers to match reality
- For MLINKS to manpages from ports, mention which port installs them

MFC after:	3 days
2005-07-14 20:29:08 +00:00
Max Laier
0baf7c8675 Resolve conflicts created during the import of pf 3.7 Some features are
missing and will be implemented in a second step.  This is functional as is.

Tested by:	freebsd-pf, pfsense.org
Obtained from:	OpenBSD
2005-05-03 16:55:20 +00:00
Max Laier
61a1372b41 Import pf userland from OpenBSD 3.7 (OPENBSD_3_7 as of today) 2005-05-03 16:47:37 +00:00
Max Laier
b1feb7cada This commit was generated by cvs2svn to compensate for changes in r145837,
which included commits to RCS files with non-trunk default branches.
2005-05-03 16:47:37 +00:00
Max Laier
c5be312a19 Loopback a fix from Cedric Berger:
Fix table add/replace commands with securelevel=2.
	Reported by James J. Lippard.

Discussed with:	yongari
MFC after:	5 days
2004-08-22 16:58:06 +00:00
Max Laier
8a7574f3ce Import pfctl_table.c#1.61 from OpenBSD into vendor branch. 2004-08-22 16:53:39 +00:00
Max Laier
4238db7522 Fix printing of u_int64_t with a cast to unsigned long long.
Found-by:	tinderbox(amd64)
2004-06-17 15:23:51 +00:00
Max Laier
22ac3ead26 Commit userland part of pf version 3.5 from OpenBSD (OPENBSD_3_5_BASE). 2004-06-16 23:39:33 +00:00
Max Laier
abff386833 Import userland of pf 3.5 from OpenBSD (OPENBSD_3_5_BASE). 2004-06-16 23:26:00 +00:00
Max Laier
24b10b46ce This commit was generated by cvs2svn to compensate for changes in r130614,
which included commits to RCS files with non-trunk default branches.
2004-06-16 23:26:00 +00:00
David E. O'Brien
a10f530f93 Fix $FreeBSD$ ids. 2004-03-16 17:24:06 +00:00
Max Laier
b83a49e9b9 Fix some style(9) related issues after discussion with/education from bde:
- Add <sys/param.h> and <limits.h> where required (do not depend on other
   headers pulling it in).
 - __dead -> __dead2
 - #if defined() -> #ifdef
 - Remove ugly PRIu64 macros and use %llu w/ (unsigned long long) cast.

All changes looped back to OpenBSD (where applicable) for easier sync in the
future.

Requested by:	bde
Approved by:	bms(mentor)
2004-03-15 13:41:17 +00:00
Max Laier
ffe9fd66ee Fix two instances of improper NULL/0 use idetified by the changes lately.
Submitted by:	Patrick Marie
Approved by:	bms(mentor)
2004-03-08 15:19:55 +00:00
Max Laier
23ecd01b79 Add local define of HTONL() as it was decided to protect this by _KERNEL
in <net/pfvar.h>
2004-02-28 18:41:43 +00:00
Max Laier
8c8618f5e8 Apply diff from the port.
Rather small diff for the userland (in contrast to the kernel):
 - Some header file location/differences
 - Clean compilation on 64bit arch (identified by bento a long time ago)
 - ALTQ not (yet) available. Leave a switch for patchsets and future ...
 - most files can be used from the vendor branch

Approved by:	bms(in general)
2004-02-28 17:32:53 +00:00
Max Laier
13b9f61009 Vendor import of OpenBSD's pf userland as of OpenBSD 3.4
Approved by: bms(mentor), core(in general)
2004-02-28 16:52:45 +00:00