The NetBSD Project

CVS log for src/usr.sbin/npf/npftest/libnpftest/npf_rule_test.c

[BACK] Up to [cvs.NetBSD.org] / src / usr.sbin / npf / npftest / libnpftest

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.17.2.3: download - view: text, markup, annotated - select for diffs
Sun Nov 17 13:58:11 2024 UTC (2 months ago) by martin
Branches: netbsd-9
Diff to: previous 1.17.2.2: preferred, colored; branchpoint 1.17: preferred, colored; next MAIN 1.18: preferred, colored
Changes since revision 1.17.2.2: +141 -3 lines
Pull up following revision(s) (requested by riastradh in ticket #1918):

	usr.sbin/npf/npftest/npftest.conf: revision 1.10
	usr.sbin/npf/npftest/npftest.conf: revision 1.11
	usr.sbin/npf/npftest/npftest.conf: revision 1.12
	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.17
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.20
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.22
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.23
	tests/net/npf/t_npf.sh: revision 1.5
	tests/net/npf/t_npf.sh: revision 1.6
	tests/net/npf/t_npf.sh: revision 1.7

npftest: Add AF_* parameter to test cases.
No functional change intended.
Preparation to add test cases for:
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Add a test to match groups of IPv6 addresses.
The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Fix newly added test.
- Adapt new test to actually exercise new rules.
- Mark the right test xfail.
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Expand test cases to cover more compiler paths.
Cover masked ranges with full- and partial-word sizes.
PR bin/55403: npfctl miscompiles IPv6 rules


npfctl(8): Fix compiling multiword comparisons, i.e., IPv6 addrs.
PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.19.8.1: download - view: text, markup, annotated - select for diffs
Sun Nov 17 13:18:59 2024 UTC (2 months ago) by martin
Branches: netbsd-10
CVS tags: netbsd-10-1-RELEASE
Diff to: previous 1.19: preferred, colored; next MAIN 1.20: preferred, colored
Changes since revision 1.19: +141 -3 lines
Pull up following revision(s) (requested by riastradh in ticket #1002):

	usr.sbin/npf/npftest/npftest.conf: revision 1.10
	usr.sbin/npf/npftest/npftest.conf: revision 1.11
	usr.sbin/npf/npftest/npftest.conf: revision 1.12
	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.17
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.20
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.22
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.23
	tests/net/npf/t_npf.sh: revision 1.5
	tests/net/npf/t_npf.sh: revision 1.6
	tests/net/npf/t_npf.sh: revision 1.7

npftest: Add AF_* parameter to test cases.
No functional change intended.
Preparation to add test cases for:
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Add a test to match groups of IPv6 addresses.
The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Fix newly added test.
- Adapt new test to actually exercise new rules.
- Mark the right test xfail.
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Expand test cases to cover more compiler paths.
Cover masked ranges with full- and partial-word sizes.
PR bin/55403: npfctl miscompiles IPv6 rules

npfctl(8): Fix compiling multiword comparisons, i.e., IPv6 addrs.
PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.23: download - view: text, markup, annotated - select for diffs
Wed Oct 30 11:03:32 2024 UTC (2 months, 2 weeks ago) by riastradh
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +95 -9 lines
npftest: Expand test cases to cover more compiler paths.

Cover masked ranges with full- and partial-word sizes.

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.22: download - view: text, markup, annotated - select for diffs
Wed Oct 30 10:12:32 2024 UTC (2 months, 2 weeks ago) by riastradh
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +27 -5 lines
npftest: Fix newly added test.

- Adapt new test to actually exercise new rules.
- Mark the right test xfail.

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.21: download - view: text, markup, annotated - select for diffs
Tue Oct 29 22:24:30 2024 UTC (2 months, 2 weeks ago) by riastradh
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +23 -0 lines
npftest: Add a test to match groups of IPv6 addresses.

The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.20: download - view: text, markup, annotated - select for diffs
Tue Oct 29 22:13:52 2024 UTC (2 months, 2 weeks ago) by riastradh
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +10 -3 lines
npftest: Add AF_* parameter to test cases.

No functional change intended.

Preparation to add test cases for:

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.14.12.2: download - view: text, markup, annotated - select for diffs
Mon Apr 13 08:05:55 2020 UTC (4 years, 9 months ago) by martin
Branches: phil-wifi
Diff to: previous 1.14.12.1: preferred, colored; branchpoint 1.14: preferred, colored; next MAIN 1.15: preferred, colored
Changes since revision 1.14.12.1: +62 -59 lines
Mostly merge changes from HEAD upto 20200411

Revision 1.17.2.2: download - view: text, markup, annotated - select for diffs
Sun Sep 1 13:21:39 2019 UTC (5 years, 4 months ago) by martin
Branches: netbsd-9
CVS tags: netbsd-9-4-RELEASE, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1
Diff to: previous 1.17.2.1: preferred, colored; branchpoint 1.17: preferred, colored
Changes since revision 1.17.2.1: +2 -2 lines
Pull up following revision(s) (requested by rmind in ticket #141):

	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.15
	sys/net/npf/npf_alg.c: revision 1.21
	sys/net/npf/npf.h: revision 1.62
	sys/net/npf/npf_ctl.c: revision 1.57
	sys/net/npf/npf_ctl.c: revision 1.58
	sys/net/npf/npf_os.c: revision 1.16
	sys/net/npf/npf_os.c: revision 1.17
	sys/net/npf/npf_conf.c: revision 1.15
	sys/net/npf/npf_impl.h: revision 1.78
	sys/sys/mbuf.h: revision 1.220
	sys/net/npf/npf_impl.h: revision 1.79
	sys/net/npf/npf.c: revision 1.41
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.19
	sys/net/npf/npf_nat.c: revision 1.48
	sys/net/npf/npf_handler.c: revision 1.48
	sys/net/npf/npf_ifaddr.c: revision 1.6

- npfctl_load_nvlist: simplify the config loading logic.
- Fix a small race condition in npf_nat_getaddr().
- Rework pserialize/EBR wrappers, make it easier to maintain.
Move PACKET_TAG_NPF where it belongs to.
Make npfctl_switch() and pfil private to OS-specific module.

Revision 1.19: download - view: text, markup, annotated - select for diffs
Sun Aug 25 13:21:03 2019 UTC (5 years, 4 months ago) by rmind
Branches: MAIN
CVS tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, perseant-exfatfs-base-20240630, perseant-exfatfs-base, perseant-exfatfs, netbsd-10-base, netbsd-10-0-RELEASE, netbsd-10-0-RC6, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, is-mlppp-base, is-mlppp, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Branch point for: netbsd-10
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +2 -2 lines
- npfctl_load_nvlist: simplify the config loading logic.
- Fix a small race condition in npf_nat_getaddr().
- Rework pserialize/EBR wrappers, make it easier to maintain.

Revision 1.17.2.1: download - view: text, markup, annotated - select for diffs
Tue Aug 13 14:35:55 2019 UTC (5 years, 5 months ago) by martin
Branches: netbsd-9
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +1 -1 lines
Pull up following revision(s) (requested by rmind in ticket #49):

	usr.sbin/npf/npf.7: revision 1.7
	sys/net/npf/npfkern.h: revision 1.4
	sys/net/npf/npf_conn.h: revision 1.18
	usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.13
	sys/net/npf/npf_ctl.c: revision 1.55
	sys/net/npf/npf_os.c: revision 1.14
	sys/net/npf/npf_conf.c: revision 1.14
	usr.sbin/npf/npftest/libnpftest/npf_conn_test.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/npf_perf_test.c: revision 1.9
	sys/net/npf/npf_impl.h: revision 1.76
	sys/net/npf/npf_portmap.c: revision 1.4
	sys/net/npf/npf_params.c: revision 1.2
	sys/net/npf/npf.c: revision 1.40
	usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.16
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.18
	sys/net/npf/npf_nat.c: revision 1.47
	sys/net/npf/npf_handler.c: revision 1.47
	sys/net/npf/npf_inet.c: revision 1.55
	sys/net/npf/npf_if.c: revision 1.10
	sys/net/npf/npf_worker.c: revision 1.7
	usr.sbin/npf/npf-params.7: revision 1.3

npf-params(7): add more bpf.jit details.
From David H. Gutteridge.

Adjust some internal NPF APIs:
* npfkern: use the npfk_ prefix.
* NPF portmap: amend the API so it could be used elsewhere.
* Make npf_connkey_t public.

npf.7: add xref to npf-params.7
(Adding directly here since this particular file isn't included in
rmind@'s upstream GitHub repo at present.)

Revision 1.18: download - view: text, markup, annotated - select for diffs
Sun Aug 11 20:26:34 2019 UTC (5 years, 5 months ago) by rmind
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +1 -1 lines
Adjust some internal NPF APIs:
* npfkern: use the npfk_ prefix.
* NPF portmap: amend the API so it could be used elsewhere.
* Make npf_connkey_t public.

Revision 1.17: download - view: text, markup, annotated - select for diffs
Tue Jul 23 00:52:02 2019 UTC (5 years, 5 months ago) by rmind
Branches: MAIN
CVS tags: netbsd-9-base
Branch point for: netbsd-9
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +61 -58 lines
NPF improvements:
- Add support for dynamic NETMAP algorithm (stateful net-to-net).
- Add most of the support for the dynamic NAT rules; a little bit more
  userland work is needed to finish this up and enable.
- Replace 'stateful-ends' with more permissive 'stateful-all'.
- Add various tunable parameters and document them, see npf-params(7).
- Reduce the memory usage of the connection state table (conndb).
- Portmap rewrite: use memory more efficiently, handle addresses dynamically.
- Bug fix: add splsoftnet()/splx() around the thmap writers and comment.
- npftest: clean up and simplify; fix some memleaks to make ASAN happy.

Revision 1.14.12.1: download - view: text, markup, annotated - select for diffs
Mon Jun 10 22:10:35 2019 UTC (5 years, 7 months ago) by christos
Branches: phil-wifi
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +23 -24 lines
Sync with HEAD

Revision 1.14.10.2: download - view: text, markup, annotated - select for diffs
Sat Jan 26 22:00:39 2019 UTC (5 years, 11 months ago) by pgoyette
Branches: pgoyette-compat
CVS tags: pgoyette-compat-merge-20190127
Diff to: previous 1.14.10.1: preferred, colored; branchpoint 1.14: preferred, colored; next MAIN 1.15: preferred, colored
Changes since revision 1.14.10.1: +14 -12 lines
Sync with HEAD

Revision 1.16: download - view: text, markup, annotated - select for diffs
Sat Jan 19 21:19:32 2019 UTC (6 years ago) by rmind
Branches: MAIN
CVS tags: phil-wifi-20190609, pgoyette-compat-20190127
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +13 -13 lines
Major NPF improvements:
- Convert NPF connection table to thmap.  State lookup is now lock-free.
- Improve connection state G/C: it is now incremental and tunable.
- Add support for dynamic NAT address.  Translation addresses can now be
  selected from a pool of addresses.  There are two selection algorithms,
  "ip-hash" and "round-robin" (see the man page).
- Translation address can be specified as e.g. ifaddrs(wm0) in npf.conf
  to dynamically choose an IP from the interface address(es).
- Add support for the NETMAP algorithm with static NAT for net-to-net
  translation (it is equivalent to iptables NETMAP logic).
- Convert 'ipset' tables to use thmap; the table lookup is now lock-free.
- Misc improvements, bug fixes and more unit tests.
- Bump NPF_VERSION (will also bump libnpf).

Revision 1.14.10.1: download - view: text, markup, annotated - select for diffs
Sun Sep 30 01:46:01 2018 UTC (6 years, 3 months ago) by pgoyette
Branches: pgoyette-compat
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +11 -12 lines
Ssync with HEAD

Revision 1.15: download - view: text, markup, annotated - select for diffs
Sat Sep 29 14:41:36 2018 UTC (6 years, 3 months ago) by rmind
Branches: MAIN
CVS tags: pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +11 -12 lines
NPF: Major rework -- migrate NPF to the libnv library.
- This conversion significantly simplifies the code and moves NPF to
  a binary serialisation format (replacing the XML-like format).
- Fix some memory/reference leaks and possibly use-after-free bugs.
- Bump NPF_VERSION as this change makes libnpf incompatible with the
  previous versions.  Also, different serialisation format means NPF
  connection/config saving and loading is not compatible with the
  previous versions either.

Thanks to christos@ for extra testing.

Revision 1.13.2.1: download - view: text, markup, annotated - select for diffs
Fri Apr 21 16:54:18 2017 UTC (7 years, 9 months ago) by bouyer
Branches: bouyer-socketcan
Diff to: previous 1.13: preferred, colored; next MAIN 1.14: preferred, colored
Changes since revision 1.13: +4 -3 lines
Sync with HEAD

Revision 1.12.6.2: download - view: text, markup, annotated - select for diffs
Mon Mar 20 06:58:08 2017 UTC (7 years, 10 months ago) by pgoyette
Branches: pgoyette-localcount
Diff to: previous 1.12.6.1: preferred, colored; branchpoint 1.12: preferred, colored; next MAIN 1.13: preferred, colored
Changes since revision 1.12.6.1: +4 -3 lines
Sync with HEAD

Revision 1.14: download - view: text, markup, annotated - select for diffs
Sun Jan 29 04:12:52 2017 UTC (7 years, 11 months ago) by christos
Branches: MAIN
CVS tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-compat-base, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-8-base, netbsd-8-3-RELEASE, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, matt-nb8-mediatek-base, matt-nb8-mediatek, bouyer-socketcan-base1
Branch point for: phil-wifi, pgoyette-compat
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -3 lines
fix function argument.

Revision 1.12.6.1: download - view: text, markup, annotated - select for diffs
Sat Jan 7 08:57:00 2017 UTC (8 years ago) by pgoyette
Branches: pgoyette-localcount
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +16 -11 lines
Sync with HEAD.  (Note that most of these changes are simply $NetBSD$
tag issues.)

Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon Dec 26 23:05:05 2016 UTC (8 years ago) by christos
Branches: MAIN
CVS tags: pgoyette-localcount-20170107, bouyer-socketcan-base
Branch point for: bouyer-socketcan
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +16 -11 lines
Sync NPF with the version on github: backport standalone NPF changes,
which allow us to create and run separate NPF instances. Minor fixes.
(from rmind@)

Revision 1.2.2.2: download - view: text, markup, annotated - select for diffs
Wed Aug 20 00:05:11 2014 UTC (10 years, 5 months ago) by tls
Branches: tls-maxphys
Diff to: previous 1.2.2.1: preferred, colored; branchpoint 1.2: preferred, colored; next MAIN 1.3: preferred, colored
Changes since revision 1.2.2.1: +14 -15 lines
Rebase to HEAD as of a few days ago.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sun Aug 10 19:09:43 2014 UTC (10 years, 5 months ago) by rmind
Branches: MAIN
CVS tags: tls-maxphys-base, pgoyette-localcount-base, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, localcount-20160914
Branch point for: pgoyette-localcount
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +2 -2 lines
- Add npf_ruleset_export(), npf_rule_export() and npf_nat_policyexport().
- Split off npf_conn_export().  Add npf_ifmap_getname() and use it to save
  the interface name; pick it up on npf_conn_import().
- Misc fixes.  Bump NPF_VERSION.

Revision 1.10.2.1: download - view: text, markup, annotated - select for diffs
Sun Aug 10 07:00:01 2014 UTC (10 years, 5 months ago) by tls
Branches: tls-earlyentropy
Diff to: previous 1.10: preferred, colored; next MAIN 1.11: preferred, colored
Changes since revision 1.10: +4 -3 lines
Rebase.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sun Jul 20 00:37:41 2014 UTC (10 years, 6 months ago) by rmind
Branches: MAIN
CVS tags: tls-earlyentropy-base
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -3 lines
NPF: add nbuf_t * into npf_cache_t and remove unnecessary carrying by argument.

Revision 1.2.4.4: download - view: text, markup, annotated - select for diffs
Thu May 22 11:43:07 2014 UTC (10 years, 8 months ago) by yamt
Branches: yamt-pagecache
Diff to: previous 1.2.4.3: preferred, colored; branchpoint 1.2: preferred, colored; next MAIN 1.3: preferred, colored
Changes since revision 1.2.4.3: +61 -12 lines
sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Sep 24 02:04:21 2013 UTC (11 years, 3 months ago) by rmind
Branches: MAIN
CVS tags: yamt-pagecache-base9, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +1 -4 lines
npftest: add some concurrency testing code.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Thu Sep 19 01:49:07 2013 UTC (11 years, 4 months ago) by rmind
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +1 -4 lines
NPF: G/C n-code in favour of BPF byte-code.  Delete lots of code, mmm!

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Sep 19 01:04:46 2013 UTC (11 years, 4 months ago) by rmind
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +10 -6 lines
- Convert NPF to use BPF byte-code by default.  Compile BPF byte-code in
  npfctl(8) and generate separate marks to describe the filter criteria.
- Rewrite 'npfctl show' functionality and fix some of the bugs.
- npftest: add a test for BPF COP.
- Bump NPF_VERSION.

Revision 1.2.2.1: download - view: text, markup, annotated - select for diffs
Mon Feb 25 00:30:47 2013 UTC (11 years, 10 months ago) by tls
Branches: tls-maxphys
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +62 -7 lines
resync with head

Revision 1.7: download - view: text, markup, annotated - select for diffs
Mon Feb 18 23:09:20 2013 UTC (11 years, 11 months ago) by rmind
Branches: MAIN
CVS tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, agc-symver-base, agc-symver
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -2 lines
npftest/npf_blockall_rule: set NPF_RULE_DYNAMIC flag for the test rule.

Revision 1.1.2.6: download - view: text, markup, annotated - select for diffs
Mon Feb 18 18:26:15 2013 UTC (11 years, 11 months ago) by riz
Branches: netbsd-6
CVS tags: netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1
Diff to: previous 1.1.2.5: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1.2.5: +4 -2 lines
Pull up following revision(s) (requested by rmind in ticket #829):
	usr.sbin/npf/npfctl/npfctl.8: revision 1.13
	usr.sbin/npf/npfctl/npf_build.c: revision 1.21
	lib/libnpf/npf.c: revision 1.18
	sys/net/npf/npf_ctl.c: revision 1.23
	usr.sbin/npf/npfctl/npfctl.h: revision 1.27
	lib/libnpf/npf.h: revision 1.15
	sys/net/npf/npf_ruleset.c: revision 1.19
	sys/net/npf/npf_impl.h: revision 1.28
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.17
	usr.sbin/npf/npfctl/npfctl.c: revision 1.31
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.6
- Convert NPF dynamic rule ID to just incremented 64-bit counter.
- Fix multiple bugs.  Also, update the man page.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sat Feb 16 21:11:16 2013 UTC (11 years, 11 months ago) by rmind
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +4 -2 lines
- Convert NPF dynamic rule ID to just incremented 64-bit counter.
- Fix multiple bugs.  Also, update the man page.

Revision 1.1.2.5: download - view: text, markup, annotated - select for diffs
Mon Feb 11 21:49:50 2013 UTC (11 years, 11 months ago) by riz
Branches: netbsd-6
Diff to: previous 1.1.2.4: preferred, colored
Changes since revision 1.1.2.4: +55 -6 lines
Pull up following revision(s) (requested by rmind in ticket #817):
	usr.sbin/npf/npfctl/npfctl.8: revision 1.12
	usr.sbin/npf/npfctl/npf.conf.5: revision 1.27
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.18
	usr.sbin/npf/npfctl/npf_build.c: revision 1.20
	usr.sbin/npf/npfctl/npfctl.c: revision 1.28
	lib/libnpf/npf.c: revision 1.16
	usr.sbin/npf/npfctl/npfctl.c: revision 1.29
	lib/libnpf/npf.c: revision 1.17
	sys/modules/npf/Makefile: revision 1.12
	sys/net/npf/npf_rproc.c: revision 1.6
	usr.sbin/npf/npftest/README: revision 1.4
	sys/net/npf/npf_tableset.c: revision 1.17
	sys/net/npf/npf_ctl.c: revision 1.21
	sys/net/npf/npf_ctl.c: revision 1.22
	usr.sbin/npf/npfctl/npfctl.h: revision 1.25
	lib/libnpf/npf.h: revision 1.13
	usr.sbin/npf/npftest/npftest.conf: revision 1.2
	usr.sbin/npf/npfctl/npfctl.h: revision 1.26
	sys/net/npf/npf_ruleset.c: revision 1.17
	lib/libnpf/npf.h: revision 1.14
	sys/net/npf/npf_ruleset.c: revision 1.18
	sys/net/npf/npf_conf.c: revision 1.1
	usr.sbin/npf/npfctl/npf_scan.l: revision 1.10
	sys/net/npf/npf_conf.c: revision 1.2
	sys/net/npf/npf_instr.c: revision 1.16
	sys/net/npf/npf_handler.c: revision 1.26
	sys/net/npf/npf_impl.h: revision 1.26
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.14
	sys/net/npf/npf_processor.c: revision 1.15
	sys/net/npf/npf_impl.h: revision 1.27
	sys/net/npf/npf_alg_icmp.c: revision 1.15
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.15
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.16
	sys/net/npf/npf_ncode.h: revision 1.11
	sys/net/npf/files.npf: revision 1.10
	usr.sbin/npf/npftest/Makefile: revision 1.4
	usr.sbin/npf/npfctl/npfctl.c: revision 1.30
	lib/libnpf/npf.3: revision 1.8
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.4
	sys/net/npf/npf_session.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.5
	usr.sbin/npf/npfctl/npf_build.c: revision 1.18
	usr.sbin/npf/npfctl/npf_build.c: revision 1.19
	sys/net/npf/npf_alg.c: revision 1.7
	usr.sbin/npf/npfctl/Makefile: revision 1.10
	sys/net/npf/npf_inet.c: revision 1.21
	sys/net/npf/npf.h: revision 1.26
	sys/net/npf/npf.h: revision 1.27
	usr.sbin/pf/ftp-proxy/Makefile: revision 1.8
	sys/net/npf/npf_nat.c: revision 1.19
	sys/net/npf/npf.c: revision 1.15
	sys/net/npf/npf_state.c: revision 1.14
	sys/net/npf/npf_sendpkt.c: revision 1.14
	sys/rump/net/lib/libnpf/Makefile: revision 1.4
IPv6 linklocal address printing cosmetics
NPF:
- Implement dynamic NPF rules.  Controlled through npf(3) library of via
  npfctl rule command.  A rule can be removed using a unique identifier,
  returned on addition, or using a key which is SHA1 hash of the rule.
  Adjust npftest and add a regression test.
- Improvements to rule inspection mechanism.
- Initial BPF support as an alternative to n-code.
- Minor fixes; bump the version.
Disable -DWITH_NPF for now; will be converted to BPF mechanism.
- Fix NPF config reload with dynamic rules present.
- Implement list and flush commands on a dynamic ruleset.
Allow filtering on IP addresses even if the L4 protocol is unknown.
Patch from spz@.
npftest: adjust for recent change.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Mon Feb 11 02:52:32 2013 UTC (11 years, 11 months ago) by rmind
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +3 -3 lines
npftest: adjust for recent change.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Sat Feb 9 03:35:33 2013 UTC (11 years, 11 months ago) by rmind
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +55 -6 lines
NPF:
- Implement dynamic NPF rules.  Controlled through npf(3) library of via
  npfctl rule command.  A rule can be removed using a unique identifier,
  returned on addition, or using a key which is SHA1 hash of the rule.
  Adjust npftest and add a regression test.
- Improvements to rule inspection mechanism.
- Initial BPF support as an alternative to n-code.
- Minor fixes; bump the version.

Revision 1.1.2.4: download - view: text, markup, annotated - select for diffs
Fri Feb 8 19:18:12 2013 UTC (11 years, 11 months ago) by riz
Branches: netbsd-6
Diff to: previous 1.1.2.3: preferred, colored
Changes since revision 1.1.2.3: +8 -4 lines
Pull up following revision(s) (requested by rmind in ticket #777):
	usr.sbin/npf/npfctl/npfctl.c: revision 1.27
	sys/net/npf/npf_session.c: revision 1.19
	usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c: revision 1.4
	sys/net/npf/npf_rproc.c: revision 1.5
	usr.sbin/npf/npftest/README: revision 1.3
	sys/sys/mbuf.h: revision 1.151
	sys/net/npf/npf_ruleset.c: revision 1.15
	usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c: revision 1.3
	sys/net/npf/npf_ruleset.c: revision 1.16
	usr.sbin/npf/npftest/libnpftest/npf_state_test.c: revision 1.4
	usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c: revision 1.4
	sys/net/npf/npf_inet.c: revision 1.19
	sys/net/npf/npf_instr.c: revision 1.15
	sys/net/npf/npf_handler.c: revision 1.24
	sys/net/npf/npf_handler.c: revision 1.25
	sys/net/npf/npf_state_tcp.c: revision 1.12
	sys/net/npf/npf_processor.c: revision 1.13
	sys/net/npf/npf_impl.h: revision 1.25
	sys/net/npf/npf_processor.c: revision 1.14
	sys/net/npf/npf_mbuf.c: revision 1.10
	sys/net/npf/npf_alg_icmp.c: revision 1.14
	sys/net/npf/npf_mbuf.c: revision 1.9
	usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.2
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.3
	sys/net/npf/npf_session.c: revision 1.20
	sys/net/npf/npf_alg.c: revision 1.6
	sys/kern/uipc_mbuf.c: revision 1.148
	sys/net/npf/npf_inet.c: revision 1.20
	sys/net/npf/npf.h: revision 1.25
	sys/net/npf/npf_nat.c: revision 1.18
	sys/net/npf/npf_state.c: revision 1.13
	sys/net/npf/npf_sendpkt.c: revision 1.13
	sys/net/npf/npf_ext_log.c: revision 1.2
	usr.sbin/npf/npftest/libnpftest/npf_processor_test.c: revision 1.4
	sys/net/npf/npf_ext_normalise.c: revision 1.2
- Rework NPF's nbuf interface: use advancing and ensuring as a main method.
  Eliminate unnecessary copy and simplify.  Adapt regression tests.
- Simplify ICMP ALG a little.  While here, handle ICMP ECHO for traceroute.
- Minor fixes, misc cleanup.
Silence gcc in npf_recache().
Add m_ensure_contig() routine, which is equivalent to m_pullup, but does not
destroy the mbuf chain on failure (it is kept valid).
- nbuf_ensure_contig: rework to use m_ensure_contig(9), which will not free
  the mbuf chain on failure.  Fixes some corner cases.  Improve regression
  test and sprinkle some asserts.
- npf_reassembly: clear nbuf on IPv6 reassembly failure path (partial fix).
  The problem was found and fix provided by Anthony Mallet.

Revision 1.2.4.3: download - view: text, markup, annotated - select for diffs
Wed Jan 23 00:06:44 2013 UTC (11 years, 11 months ago) by yamt
Branches: yamt-pagecache
CVS tags: yamt-pagecache-tag8
Diff to: previous 1.2.4.2: preferred, colored; branchpoint 1.2: preferred, colored
Changes since revision 1.2.4.2: +8 -4 lines
sync with head

Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon Dec 24 19:05:48 2012 UTC (12 years ago) by rmind
Branches: MAIN
CVS tags: yamt-pagecache-base8
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +8 -4 lines
- Rework NPF's nbuf interface: use advancing and ensuring as a main method.
  Eliminate unnecessary copy and simplify.  Adapt regression tests.
- Simplify ICMP ALG a little.  While here, handle ICMP ECHO for traceroute.
- Minor fixes, misc cleanup.

Revision 1.1.2.3: download - view: text, markup, annotated - select for diffs
Sun Nov 18 21:48:56 2012 UTC (12 years, 2 months ago) by riz
Branches: netbsd-6
Diff to: previous 1.1.2.2: preferred, colored
Changes since revision 1.1.2.2: +6 -6 lines
Pull up following revision(s) (requested by rmind in ticket #679):
	sys/net/npf/npf_session.c: revision 1.18
	usr.sbin/npf/npftest/npftest.c: revision 1.6
	usr.sbin/npf/npftest/npftest.c: revision 1.7
	usr.sbin/npf/npftest/npftest.c: revision 1.8
	usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c: revision 1.2
	usr.sbin/npf/npftest/libnpftest/npf_state_test.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/npf_table_test.c: revision 1.5
	sys/net/npf/npf_alg_icmp.c: revision 1.13
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.2
	usr.sbin/npf/npftest/npfstream.c: revision 1.4
	usr.sbin/npf/npftest/libnpftest/npf_processor_test.c: revision 1.3
npftest:
- Do not stop running other tests, if some tests fail.
- Fix some endianness bugs in the test cases.
Tested on sparc64 by martin@, all tests pass.
Add two new command line options to help integration into ATF:
-L lists the available test cases, -T executes a single named test.
Fix printf format
Mark npf_session_worker as __dead.
More __dead
npf_icmp_uniqid: split into npf_icmp_uniqid4() and npf_icmp_uniqid6() parts.

Revision 1.2.4.2: download - view: text, markup, annotated - select for diffs
Tue Oct 30 19:00:48 2012 UTC (12 years, 2 months ago) by yamt
Branches: yamt-pagecache
Diff to: previous 1.2.4.1: preferred, colored; branchpoint 1.2: preferred, colored
Changes since revision 1.2.4.1: +130 -0 lines
sync with head

Revision 1.2.4.1
Tue Aug 21 20:52:11 2012 UTC (12 years, 5 months ago) by yamt
Branches: yamt-pagecache
FILE REMOVED
Changes since revision 1.2: +0 -130 lines
file npf_rule_test.c was added on branch yamt-pagecache on 2012-10-30 19:00:48 +0000

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Aug 21 20:52:11 2012 UTC (12 years, 5 months ago) by rmind
Branches: MAIN
CVS tags: yamt-pagecache-base7, yamt-pagecache-base6
Branch point for: yamt-pagecache, tls-maxphys
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +6 -6 lines
npftest:
- Do not stop running other tests, if some tests fail.
- Fix some endianness bugs in the test cases.

Tested on sparc64 by martin@, all tests pass.

Revision 1.1.2.2: download - view: text, markup, annotated - select for diffs
Mon Aug 13 17:49:53 2012 UTC (12 years, 5 months ago) by riz
Branches: netbsd-6
CVS tags: netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus
Diff to: previous 1.1.2.1: preferred, colored
Changes since revision 1.1.2.1: +130 -0 lines
Pull up following revision(s) (requested by rmind in ticket #485):
	lib/libnpf/npf.c: revision 1.11
	sys/net/npf/npf_session.c: revision 1.17
	sys/modules/npf/Makefile: revision 1.10
	usr.sbin/npf/npftest/npftest.c: revision 1.4
	usr.sbin/npf/npftest/README: revision 1.1
	sys/net/npf/npf_tableset.c: revision 1.14
	usr.sbin/npf/npftest/npftest.h: revision 1.4
	lib/libnpf/npf.h: revision 1.10
	sys/net/npf/npf_ruleset.c: revision 1.14
	usr.sbin/npf/npfctl/npf_data.c: revision 1.18
	usr.sbin/npf/npftest/npftest.conf: revision 1.1
	sys/net/npf/npf_handler.c: revision 1.21
	sys/net/npf/npf_impl.h: revision 1.21
	usr.sbin/npf/npfctl/npfctl.c: revision 1.18
	usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.1
	usr.sbin/npf/npfctl/npf_build.c: revision 1.13
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.1
	usr.sbin/npf/npftest/npfstream.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/Makefile: revision 1.4
	usr.sbin/npf/npfctl/npfctl.h: revision 1.19
	sys/net/npf/npf_nat.c: revision 1.16
	sys/net/npf/npf_state.c: revision 1.11
	usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/npf_test.h: revision 1.5
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.12
- Extend npftest: add ruleset inspection testing from the config generated
  by npfctl debug functionality.  Auto-create npftest interfaces for this.
- NPF sessions: combine protocol and interface into a separate substructure,
  share between the entries and thus fix the handling of them.  Constify.
- npftest: add regression tests for NAT policies.
- npf_build_nat: simplify and fix bi-NAT regression.
- Bump yacc stack size for npfctl.

Revision 1.1.2.1
Sun Aug 12 03:35:14 2012 UTC (12 years, 5 months ago) by riz
Branches: netbsd-6
FILE REMOVED
Changes since revision 1.1: +0 -130 lines
file npf_rule_test.c was added on branch netbsd-6 on 2012-08-13 17:49:53 +0000

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Aug 12 03:35:14 2012 UTC (12 years, 5 months ago) by rmind
Branches: MAIN
Branch point for: netbsd-6
- Extend npftest: add ruleset inspection testing from the config generated
  by npfctl debug functionality.  Auto-create npftest interfaces for this.
- NPF sessions: combine protocol and interface into a separate substructure,
  share between the entries and thus fix the handling of them.  Constify.
- npftest: add regression tests for NAT policies.
- npf_build_nat: simplify and fix bi-NAT regression.
- Bump yacc stack size for npfctl.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>