Module Name: src
Committed By: martin
Date: Tue Nov 19 10:56:35 UTC 2019
Modified Files:
src/share/examples/npf [netbsd-9]: soho_gw-npf.conf
Log Message:
Pull up following revision(s) (requested by sevan in ticket #444):
share/examples/npf/soho_gw-npf.conf: revision 1.13
share/examples/npf/soho_gw-npf.conf: revision 1.14
share/examples/npf/soho_gw-npf.conf: revision 1.15
share/examples/npf/soho_gw-npf.conf: revision 1.16
share/examples/npf/soho_gw-npf.conf: revision 1.17
share/examples/npf/soho_gw-npf.conf: revision 1.18
share/examples/npf/soho_gw-npf.conf: revision 1.19
share/examples/npf/soho_gw-npf.conf: revision 1.20
Drop the final keyword to use the default policy of last matching rule wins
default policy is to blockall
Add descriptions for all rules and make use of localnet variable in
place of direct IP address
improve description
pastos
Passive FTP works as a client without this and we're not hosting an FTP
server (port are not listed in services_tcp)
Add support for blacklistd
Rename the block table to something else to make it easier to differentiate
between action and name. Use this table as the example for populating by
npfctl.
Drop the int-block table, it's quite cumbersome to have a firewall which
needs the internal network lists added if reboot. Use the localnet
variable to indicated which network we should pass in traffic from instead.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.2.1 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
