Module Name: src
Committed By: riz
Date: Tue Apr 3 17:22:54 UTC 2012
Modified Files:
src/lib/libnpf [netbsd-6]: npf.c npf.h
src/sys/net/npf [netbsd-6]: npf.c npf.h npf_alg.c npf_alg_icmp.c
npf_ctl.c npf_handler.c npf_impl.h npf_inet.c npf_instr.c npf_log.c
npf_nat.c npf_ncode.h npf_processor.c npf_rproc.c npf_ruleset.c
npf_sendpkt.c npf_session.c npf_tableset.c
src/usr.sbin/npf/npfctl [netbsd-6]: Makefile npf_build.c npf_ncgen.c
npf_parse.y npfctl.h
Added Files:
src/usr.sbin/npf/npfctl [netbsd-6]: npf_disassemble.c
Log Message:
Pull up following revision(s) (requested by rmind in ticket #158):
sys/net/npf/npf_session.c: revision 1.12
sys/net/npf/npf_tableset.c: revision 1.10
sys/net/npf/npf_rproc.c: revision 1.2
usr.sbin/npf/npfctl/npf_parse.y: revision 1.4
sys/net/npf/npf_inet.c: revision 1.11
sys/net/npf/npf.h: revision 1.15
usr.sbin/npf/npfctl/npf_build.c: revision 1.5
sys/net/npf/npf_ruleset.c: revision 1.11
sys/net/npf/npf_instr.c: revision 1.10
usr.sbin/npf/npfctl/Makefile: revision 1.6
sys/net/npf/npf_processor.c: revision 1.10
sys/net/npf/npf_log.c: revision 1.3
lib/libnpf/npf.h: revision 1.7
sys/net/npf/npf_alg.c: revision 1.3
sys/net/npf/npf_sendpkt.c: revision 1.9
lib/libnpf/npf.c: revision 1.8
usr.sbin/npf/npfctl/npfctl.h: revision 1.13
sys/net/npf/npf_ctl.c: revision 1.13
usr.sbin/npf/npfctl/npf_ncgen.c: revision 1.8
sys/net/npf/npf_ctl.c: revision 1.14
sys/net/npf/npf_nat.c: revision 1.11
sys/net/npf/npf_nat.c: revision 1.12
sys/net/npf/npf_impl.h: revision 1.11
usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.1
sys/net/npf/npf_impl.h: revision 1.12
usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.2
sys/net/npf/npf_handler.c: revision 1.14
usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.3
sys/net/npf/npf_handler.c: revision 1.15
sys/net/npf/npf_ncode.h: revision 1.6
sys/net/npf/npf.c: revision 1.8
sys/net/npf/npf.c: revision 1.9
sys/net/npf/npf_alg_icmp.c: revision 1.9
sys/net/npf/npf_session.c: revision 1.11
- Add NPF_DECISION_BLOCK and NPF_DECISION_PASS. Be more defensive in the
packet handler. Change the default policy to block when the config is
loaded and set it to pass when flush operation is performed.
- Use kmem_zalloc(9) instead of kmem_alloc(9) in few places.
- npf_rproc_{create,release}: use kmem_intr_{alloc,free} as the destruction
of rule procedure might happen in the interrupt handler (under a very rare
condition, if config reload races with the handler).
- npf_session_establish: check whether layer 3 and 4 are cached.
- npfctl_build_group: do not make groups as passing rules.
- Remove some unecessary header inclusion.
Simplify slightly: merge iface into addr_or_iface, use it in filt_addr.
Add a small disassembler.
definitions used by the disassembler.
- better printing of type/code flags/mask
- pass the instruction start pointer, instead of subtracting 1 to account for it
- Save active config in proplib dictionary; add GETCONF ioctl to retrieve.
- Few fixes. Improve some comments.
don't leak the branch target array.
Add NPF config retrieval routines.
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.7.2.1 src/lib/libnpf/npf.c
cvs rdiff -u -r1.6 -r1.6.2.1 src/lib/libnpf/npf.h
cvs rdiff -u -r1.7 -r1.7.2.1 src/sys/net/npf/npf.c
cvs rdiff -u -r1.14 -r1.14.2.1 src/sys/net/npf/npf.h
cvs rdiff -u -r1.2 -r1.2.16.1 src/sys/net/npf/npf_alg.c
cvs rdiff -u -r1.8 -r1.8.4.1 src/sys/net/npf/npf_alg_icmp.c \
src/sys/net/npf/npf_sendpkt.c
cvs rdiff -u -r1.12 -r1.12.2.1 src/sys/net/npf/npf_ctl.c
cvs rdiff -u -r1.13 -r1.13.2.1 src/sys/net/npf/npf_handler.c
cvs rdiff -u -r1.10 -r1.10.2.1 src/sys/net/npf/npf_impl.h \
src/sys/net/npf/npf_nat.c src/sys/net/npf/npf_ruleset.c
cvs rdiff -u -r1.10 -r1.10.4.1 src/sys/net/npf/npf_inet.c \
src/sys/net/npf/npf_session.c
cvs rdiff -u -r1.9 -r1.9.2.1 src/sys/net/npf/npf_instr.c \
src/sys/net/npf/npf_processor.c src/sys/net/npf/npf_tableset.c
cvs rdiff -u -r1.2 -r1.2.14.1 src/sys/net/npf/npf_log.c
cvs rdiff -u -r1.5 -r1.5.6.1 src/sys/net/npf/npf_ncode.h
cvs rdiff -u -r1.1 -r1.1.2.1 src/sys/net/npf/npf_rproc.c
cvs rdiff -u -r1.5 -r1.5.2.1 src/usr.sbin/npf/npfctl/Makefile
cvs rdiff -u -r1.4 -r1.4.2.1 src/usr.sbin/npf/npfctl/npf_build.c
cvs rdiff -u -r0 -r1.3.2.2 src/usr.sbin/npf/npfctl/npf_disassemble.c
cvs rdiff -u -r1.7 -r1.7.2.1 src/usr.sbin/npf/npfctl/npf_ncgen.c
cvs rdiff -u -r1.3 -r1.3.2.1 src/usr.sbin/npf/npfctl/npf_parse.y
cvs rdiff -u -r1.11 -r1.11.2.1 src/usr.sbin/npf/npfctl/npfctl.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
