Up to [cvs.NetBSD.org] / src / share / examples / npf
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: MAIN
Revision 1.21 / (download) - annotate - [select for diffs], Mon Jul 31 16:09:01 2023 UTC (7 months, 2 weeks ago) by tsutsui
Branch: MAIN
CVS Tags: triaxx-drm,
HEAD
Changes since 1.20: +3 -3
lines
Diff to previous 1.20 (colored)
Use proper variables for interface names in examples.
Revision 1.20 / (download) - annotate - [select for diffs], Mon Nov 18 22:27:27 2019 UTC (4 years, 4 months ago) by sevan
Branch: MAIN
CVS Tags: phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
phil-wifi-20191119,
netbsd-10-base,
is-mlppp-base,
is-mlppp,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x
Branch point for: netbsd-10
Changes since 1.19: +7 -8
lines
Diff to previous 1.19 (colored)
Rename the block table to something else to make it easier to differentiate between action and name. Use this table as the example for populating by npfctl. Drop the int-block table, it's quite cumbersome to have a firewall which needs the internal network lists added if reboot. Use the localnet variable to indicated which network we should pass in traffic from instead.
Revision 1.19 / (download) - annotate - [select for diffs], Sun Sep 22 19:51:18 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.18: +4 -1
lines
Diff to previous 1.18 (colored)
Add support for blacklistd
Revision 1.18 / (download) - annotate - [select for diffs], Sun Sep 22 19:30:15 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.17: +1 -4
lines
Diff to previous 1.17 (colored)
Passive FTP works as a client without this and we're not hosting an FTP server (port are not listed in services_tcp)
Revision 1.17 / (download) - annotate - [select for diffs], Sat Sep 21 23:55:01 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.16: +3 -3
lines
Diff to previous 1.16 (colored)
pastos
Revision 1.16 / (download) - annotate - [select for diffs], Sat Sep 21 21:10:56 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.15: +3 -2
lines
Diff to previous 1.15 (colored)
improve description
Revision 1.15 / (download) - annotate - [select for diffs], Sat Sep 21 20:41:52 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.14: +21 -3
lines
Diff to previous 1.14 (colored)
Add descriptions for all rules and make use of localnet variable in place of direct IP address
Revision 1.14 / (download) - annotate - [select for diffs], Sat Sep 21 20:35:52 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.13: +1 -2
lines
Diff to previous 1.13 (colored)
default policy is to blockall
Revision 1.13 / (download) - annotate - [select for diffs], Sat Sep 21 20:31:31 2019 UTC (4 years, 5 months ago) by sevan
Branch: MAIN
Changes since 1.12: +11 -11
lines
Diff to previous 1.12 (colored)
Drop the final keyword to use the default policy of last matching rule wins
Revision 1.12 / (download) - annotate - [select for diffs], Thu Apr 11 10:17:21 2019 UTC (4 years, 11 months ago) by sevan
Branch: MAIN
CVS Tags: phil-wifi-20190609,
netbsd-9-base
Branch point for: netbsd-9
Changes since 1.11: +2 -2
lines
Diff to previous 1.11 (colored)
s/ifnets/ifaddrs
Revision 1.11 / (download) - annotate - [select for diffs], Thu Apr 11 09:59:24 2019 UTC (4 years, 11 months ago) by sevan
Branch: MAIN
Changes since 1.10: +2 -7
lines
Diff to previous 1.10 (colored)
Revert previous & just use the inets function to handle both address families. Heads up by <leot>
Revision 1.10 / (download) - annotate - [select for diffs], Wed Apr 10 23:14:46 2019 UTC (4 years, 11 months ago) by sevan
Branch: MAIN
Changes since 1.9: +3 -3
lines
Diff to previous 1.9 (colored)
typo
Revision 1.9 / (download) - annotate - [select for diffs], Wed Apr 10 23:13:02 2019 UTC (4 years, 11 months ago) by sevan
Branch: MAIN
Changes since 1.8: +7 -2
lines
Diff to previous 1.8 (colored)
Use a separate variable for IPv6. Found with npfctl validate.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Apr 10 23:00:43 2019 UTC (4 years, 11 months ago) by sevan
Branch: MAIN
Changes since 1.7: +3 -3
lines
Diff to previous 1.7 (colored)
Switch out deprecated keywords. Found with npfctl validate.
Revision 1.7 / (download) - annotate - [select for diffs], Mon Aug 20 20:45:52 2018 UTC (5 years, 6 months ago) by rjs
Branch: MAIN
CVS Tags: pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906
Changes since 1.6: +1 -1
lines
Diff to previous 1.6 (colored)
Fix cvs id.
Revision 1.6 / (download) - annotate - [select for diffs], Sat Feb 8 01:32:19 2014 UTC (10 years, 1 month ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
tls-maxphys-base,
tls-earlyentropy-base,
tls-earlyentropy,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
phil-wifi-base,
pgoyette-localcount-base,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
pgoyette-localcount-20170107,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
pgoyette-localcount,
pgoyette-compat-base,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
localcount-20160914,
bouyer-socketcan-base1,
bouyer-socketcan-base,
bouyer-socketcan
Branch point for: phil-wifi,
pgoyette-compat
Changes since 1.5: +8 -8
lines
Diff to previous 1.5 (colored)
Sync some NPF config examples with the reality.
Revision 1.5 / (download) - annotate - [select for diffs], Fri Sep 20 17:51:04 2013 UTC (10 years, 6 months ago) by spz
Branch: MAIN
Changes since 1.4: +4 -4
lines
Diff to previous 1.4 (colored)
track syntax change in npf.conf regarding group
Revision 1.4 / (download) - annotate - [select for diffs], Sun Dec 9 22:12:26 2012 UTC (11 years, 3 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base8,
yamt-pagecache-base7,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2,
agc-symver-base,
agc-symver
Changes since 1.3: +4 -8
lines
Diff to previous 1.3 (colored)
Fix syntax error in the example, fix one rule and G/C "rid" procedure.
Revision 1.3 / (download) - annotate - [select for diffs], Tue Dec 4 18:48:32 2012 UTC (11 years, 3 months ago) by spz
Branch: MAIN
Changes since 1.2: +12 -9
lines
Diff to previous 1.2 (colored)
adjust to current npf.conf syntax
Revision 1.2 / (download) - annotate - [select for diffs], Tue Aug 21 08:25:21 2012 UTC (11 years, 7 months ago) by spz
Branch: MAIN
CVS Tags: yamt-pagecache-base6
Branch point for: yamt-pagecache,
tls-maxphys,
netbsd-6,
matt-nb6-plus
Changes since 1.1: +5 -3
lines
Diff to previous 1.1 (colored)
add id string, fix comments
Revision 1.1 / (download) - annotate - [select for diffs], Tue Aug 21 06:54:39 2012 UTC (11 years, 7 months ago) by spz
Branch: MAIN
the example from the man page, with a few extra comments