Module Name: src
Committed By: rmind
Date: Mon Feb 20 00:18:20 UTC 2012
Modified Files:
src/sys/net/npf: npf.c npf_alg.c npf_alg_icmp.c npf_ctl.c npf_handler.c
npf_impl.h npf_inet.c npf_instr.c npf_log.c npf_nat.c
npf_processor.c npf_rproc.c npf_ruleset.c npf_sendpkt.c
npf_session.c npf_tableset.c
src/usr.sbin/npf/npfctl: npf_build.c
Log Message:
- Add NPF_DECISION_BLOCK and NPF_DECISION_PASS. Be more defensive in the
packet handler. Change the default policy to block when the config is
loaded and set it to pass when flush operation is performed.
- Use kmem_zalloc(9) instead of kmem_alloc(9) in few places.
- npf_rproc_{create,release}: use kmem_intr_{alloc,free} as the destruction
of rule procedure might happen in the interrupt handler (under a very rare
condition, if config reload races with the handler).
- npf_session_establish: check whether layer 3 and 4 are cached.
- npfctl_build_group: do not make groups as passing rules.
- Remove some unecessary header inclusion.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/sys/net/npf/npf.c
cvs rdiff -u -r1.2 -r1.3 src/sys/net/npf/npf_alg.c src/sys/net/npf/npf_log.c
cvs rdiff -u -r1.8 -r1.9 src/sys/net/npf/npf_alg_icmp.c \
src/sys/net/npf/npf_sendpkt.c
cvs rdiff -u -r1.12 -r1.13 src/sys/net/npf/npf_ctl.c
cvs rdiff -u -r1.13 -r1.14 src/sys/net/npf/npf_handler.c
cvs rdiff -u -r1.10 -r1.11 src/sys/net/npf/npf_impl.h \
src/sys/net/npf/npf_inet.c src/sys/net/npf/npf_nat.c \
src/sys/net/npf/npf_ruleset.c src/sys/net/npf/npf_session.c
cvs rdiff -u -r1.9 -r1.10 src/sys/net/npf/npf_instr.c \
src/sys/net/npf/npf_processor.c src/sys/net/npf/npf_tableset.c
cvs rdiff -u -r1.1 -r1.2 src/sys/net/npf/npf_rproc.c
cvs rdiff -u -r1.4 -r1.5 src/usr.sbin/npf/npfctl/npf_build.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
