Up to [cvs.NetBSD.org] / src / sys / net / npf
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: MAIN
Revision 1.17 / (download) - annotate - [select for diffs], Sat May 30 14:16:56 2020 UTC (3 years, 9 months ago) by rmind
Branch: MAIN
CVS Tags: triaxx-drm,
thorpej-ifq-base,
thorpej-ifq,
thorpej-i2c-spi-conf2-base,
thorpej-i2c-spi-conf2,
thorpej-i2c-spi-conf-base,
thorpej-i2c-spi-conf,
thorpej-futex2-base,
thorpej-futex2,
thorpej-futex-base,
thorpej-futex,
thorpej-cfargs2-base,
thorpej-cfargs2,
thorpej-cfargs-base,
thorpej-cfargs,
thorpej-altq-separation-base,
thorpej-altq-separation,
netbsd-10-base,
netbsd-10-0-RC6,
netbsd-10-0-RC5,
netbsd-10-0-RC4,
netbsd-10-0-RC3,
netbsd-10-0-RC2,
netbsd-10-0-RC1,
netbsd-10,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
bouyer-sunxi-drm-base,
bouyer-sunxi-drm,
HEAD
Changes since 1.16: +21 -24
lines
Diff to previous 1.16 (colored)
Major NPF improvements (merge from upstream): - Switch to the C11-style atomic primitives using atomic_loadstore(9). - npfkern: introduce the 'state.key.interface' and 'state.key.direction' settings. Users can now choose whether the connection state should be strictly per-interface or global at the configuration level. Keep NAT logic to be always per-interface, though. - npfkern: rewrite the G/C worker logic and make it self-tuning. - npfkern and libnpf: multiple bug fixes; add param exporting; introduce more parameters. Remove npf_nvlist_{copyin,copyout}() functions and refactor npfctl_load_nvlist() with others; add npfctl_run_op() to have a single entry point for operations. Introduce npf_flow_t and clean up some code. - npfctl: lots of fixes for the 'npfctl show' logic; make 'npfctl list' more informative; misc usability improvements and more user-friendly error messages. - Amend and improve the manual pages.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Jan 29 04:30:41 2020 UTC (4 years, 1 month ago) by thorpej
Branch: MAIN
CVS Tags: phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
is-mlppp-base,
is-mlppp,
bouyer-xenpvh-base2,
bouyer-xenpvh-base1,
bouyer-xenpvh-base,
bouyer-xenpvh,
ad-namecache-base3
Changes since 1.15: +2 -3
lines
Diff to previous 1.15 (colored)
Adopt <net/if_stats.h>.
Revision 1.15 / (download) - annotate - [select for diffs], Sat Sep 29 14:41:36 2018 UTC (5 years, 5 months ago) by rmind
Branch: MAIN
CVS Tags: phil-wifi-20191119,
phil-wifi-20190609,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
netbsd-9-base,
netbsd-9-0-RELEASE,
netbsd-9-0-RC2,
netbsd-9-0-RC1,
isaki-audio2-base,
isaki-audio2,
ad-namecache-base2,
ad-namecache-base1,
ad-namecache-base
Branch point for: netbsd-9,
ad-namecache
Changes since 1.14: +4 -5
lines
Diff to previous 1.14 (colored)
NPF: Major rework -- migrate NPF to the libnv library. - This conversion significantly simplifies the code and moves NPF to a binary serialisation format (replacing the XML-like format). - Fix some memory/reference leaks and possibly use-after-free bugs. - Bump NPF_VERSION as this change makes libnpf incompatible with the previous versions. Also, different serialisation format means NPF connection/config saving and loading is not compatible with the previous versions either. Thanks to christos@ for extra testing.
Revision 1.14 / (download) - annotate - [select for diffs], Tue Jun 26 06:48:02 2018 UTC (5 years, 8 months ago) by msaitoh
Branch: MAIN
CVS Tags: phil-wifi-base,
pgoyette-compat-0906,
pgoyette-compat-0728
Branch point for: phil-wifi
Changes since 1.13: +3 -3
lines
Diff to previous 1.13 (colored)
Implement the BPF direction filter (BIOC[GS]DIRECTION). It provides backward compatibility with BIOC[GS]SEESENT ioctl. The userland interface is the same as FreeBSD. This change also fixes a bug that the direction is misunderstand on some environment by passing the direction to bpf_mtap*() instead of checking m->m_pkthdr.rcvif.
Revision 1.13 / (download) - annotate - [select for diffs], Sat Feb 18 23:27:32 2017 UTC (7 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202,
prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
pgoyette-compat-base,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
nick-nhusb-base-20170825,
netbsd-8-base,
netbsd-8-2-RELEASE,
netbsd-8-1-RELEASE,
netbsd-8-1-RC1,
netbsd-8-0-RELEASE,
netbsd-8-0-RC2,
netbsd-8-0-RC1,
netbsd-8,
matt-nb8-mediatek-base,
matt-nb8-mediatek,
jdolecek-ncq-base,
jdolecek-ncq,
bouyer-socketcan-base1
Branch point for: pgoyette-compat
Changes since 1.12: +5 -10
lines
Diff to previous 1.12 (colored)
provide a copy function used for logging that does not lock, but can return trash.
Revision 1.12 / (download) - annotate - [select for diffs], Sat Feb 18 18:08:16 2017 UTC (7 years, 1 month ago) by mlelstv
Branch: MAIN
Changes since 1.11: +6 -2
lines
Diff to previous 1.11 (colored)
npf_ifmap_getname requires the config to be locked. For now, just prevent the crash.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Jan 29 00:15:54 2017 UTC (7 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: nick-nhusb-base-20170204
Changes since 1.10: +43 -8
lines
Diff to previous 1.10 (colored)
- Increase copyin buffer size to 4M - Change log output format to be like the OpenBSD's pf including in the header the matching rule etc, and fill in the matching info.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Dec 26 23:05:06 2016 UTC (7 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: pgoyette-localcount-20170107,
bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.9: +7 -3
lines
Diff to previous 1.9 (colored)
Sync NPF with the version on github: backport standalone NPF changes, which allow us to create and run separate NPF instances. Minor fixes. (from rmind@)
Revision 1.9 / (download) - annotate - [select for diffs], Thu Jun 16 03:03:33 2016 UTC (7 years, 9 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-base,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
nick-nhusb-base-20161204,
nick-nhusb-base-20161004,
nick-nhusb-base-20160907,
localcount-20160914
Branch point for: pgoyette-localcount
Changes since 1.8: +5 -3
lines
Diff to previous 1.8 (colored)
Use if_get_byindex instead of if_byindex for MP-safe
Revision 1.8 / (download) - annotate - [select for diffs], Sun Jul 20 00:37:41 2014 UTC (9 years, 8 months ago) by rmind
Branch: MAIN
CVS Tags: tls-maxphys-base,
tls-earlyentropy-base,
nick-nhusb-base-20160529,
nick-nhusb-base-20160422,
nick-nhusb-base-20160319,
nick-nhusb-base-20151226,
nick-nhusb-base-20150921,
nick-nhusb-base-20150606,
nick-nhusb-base-20150406,
nick-nhusb-base,
netbsd-7-nhusb-base-20170116,
netbsd-7-nhusb-base,
netbsd-7-nhusb,
netbsd-7-base,
netbsd-7-2-RELEASE,
netbsd-7-1-RELEASE,
netbsd-7-1-RC2,
netbsd-7-1-RC1,
netbsd-7-1-2-RELEASE,
netbsd-7-1-1-RELEASE,
netbsd-7-1,
netbsd-7-0-RELEASE,
netbsd-7-0-RC3,
netbsd-7-0-RC2,
netbsd-7-0-RC1,
netbsd-7-0-2-RELEASE,
netbsd-7-0-1-RELEASE,
netbsd-7-0,
netbsd-7
Branch point for: nick-nhusb
Changes since 1.7: +4 -4
lines
Diff to previous 1.7 (colored)
NPF: add nbuf_t * into npf_cache_t and remove unnecessary carrying by argument.
Revision 1.7 / (download) - annotate - [select for diffs], Mon May 19 18:45:51 2014 UTC (9 years, 10 months ago) by jakllsch
Branch: MAIN
Changes since 1.6: +6 -4
lines
Diff to previous 1.6 (colored)
Add ability to have mbufs disappear (to another interface) during npf_rproc_run(). For upcoming npf_ext_route extension. Guidance and ok by rmind@.
Revision 1.6 / (download) - annotate - [select for diffs], Mon Mar 11 17:03:55 2013 UTC (11 years ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
rmind-smpnet-nbase,
rmind-smpnet-base,
rmind-smpnet,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2,
khorben-n900,
agc-symver-base,
agc-symver
Branch point for: tls-earlyentropy
Changes since 1.5: +3 -3
lines
Diff to previous 1.5 (colored)
*"" is not constant according to gcc. So we move the responsibility for adding a , to the users of the macro.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Mar 11 16:37:43 2013 UTC (11 years ago) by christos
Branch: MAIN
Changes since 1.4: +3 -3
lines
Diff to previous 1.4 (colored)
- avoid trailing , in dependencies when there are none other the npf module itself. - remove if_npflog dependency from npf_ext_log.
Revision 1.4 / (download) - annotate - [select for diffs], Mon Mar 11 01:42:12 2013 UTC (11 years ago) by christos
Branch: MAIN
Changes since 1.3: +2 -3
lines
Diff to previous 1.3 (colored)
remove the detach that does not belong here anymore.
Revision 1.3 / (download) - annotate - [select for diffs], Sun Mar 10 20:51:44 2013 UTC (11 years ago) by christos
Branch: MAIN
Changes since 1.2: +3 -100
lines
Diff to previous 1.2 (colored)
Split the npflog cloner and auto-load the extensions.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Dec 24 19:05:42 2012 UTC (11 years, 2 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base8
Changes since 1.1: +3 -3
lines
Diff to previous 1.1 (colored)
- Rework NPF's nbuf interface: use advancing and ensuring as a main method. Eliminate unnecessary copy and simplify. Adapt regression tests. - Simplify ICMP ALG a little. While here, handle ICMP ECHO for traceroute. - Minor fixes, misc cleanup.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Sep 16 13:47:41 2012 UTC (11 years, 6 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base7,
yamt-pagecache-base6
Branch point for: yamt-pagecache,
tls-maxphys,
netbsd-6
Implement dynamic NPF extensions interface. An extension consists of dynamically loaded module (.so) supplementing npfctl(8) and a kernel module. Move normalisation and logging functionality into their own extensions. More improvements to come.