Module Name: src
Committed By: rmind
Date: Tue Jan 18 20:33:46 UTC 2011
Modified Files:
src/sys/net: if.c if.h
src/sys/net/npf: npf.c npf.h npf_alg_icmp.c npf_ctl.c npf_handler.c
npf_impl.h npf_inet.c npf_instr.c npf_log.c npf_mbuf.c npf_nat.c
npf_ruleset.c npf_sendpkt.c npf_session.c npf_state.c
src/usr.sbin/npf/npfctl: npf.conf.5 npf_data.c npf_parser.c npfctl.8
npfctl.c npfctl.h
Log Message:
NPF checkpoint:
- Add the concept of rule procedure: separate normalization, logging and
potentially other functions from the rule structure. Rule procedure can be
shared amongst the rules. Separation is both at kernel level (npf_rproc_t)
and configuration ("procedure" + "apply").
- Fix portmap sharing for NAT policy.
- Update TCP state tracking logic. Use TCP FSM definitions.
- Add if_byindex(), OK by matt@. Use in logging for the lookup.
- Fix traceroute ALG and many other bugs; misc clean-up.
To generate a diff of this commit:
cvs rdiff -u -r1.249 -r1.250 src/sys/net/if.c
cvs rdiff -u -r1.148 -r1.149 src/sys/net/if.h
cvs rdiff -u -r1.2 -r1.3 src/sys/net/npf/npf.c src/sys/net/npf/npf_state.c
cvs rdiff -u -r1.5 -r1.6 src/sys/net/npf/npf.h src/sys/net/npf/npf_alg_icmp.c \
src/sys/net/npf/npf_handler.c src/sys/net/npf/npf_impl.h \
src/sys/net/npf/npf_inet.c src/sys/net/npf/npf_mbuf.c \
src/sys/net/npf/npf_ruleset.c
cvs rdiff -u -r1.4 -r1.5 src/sys/net/npf/npf_ctl.c \
src/sys/net/npf/npf_instr.c src/sys/net/npf/npf_nat.c
cvs rdiff -u -r1.1 -r1.2 src/sys/net/npf/npf_log.c
cvs rdiff -u -r1.3 -r1.4 src/sys/net/npf/npf_sendpkt.c
cvs rdiff -u -r1.6 -r1.7 src/sys/net/npf/npf_session.c
cvs rdiff -u -r1.2 -r1.3 src/usr.sbin/npf/npfctl/npf.conf.5
cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/npf/npfctl/npf_data.c
cvs rdiff -u -r1.4 -r1.5 src/usr.sbin/npf/npfctl/npf_parser.c \
src/usr.sbin/npf/npfctl/npfctl.h
cvs rdiff -u -r1.3 -r1.4 src/usr.sbin/npf/npfctl/npfctl.8 \
src/usr.sbin/npf/npfctl/npfctl.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
