The NetBSD Project

CVS log for src/usr.sbin/npf/npftest/npftest.conf

[BACK] Up to [cvs.NetBSD.org] / src / usr.sbin / npf / npftest

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.7.2.3: download - view: text, markup, annotated - select for diffs
Sun Nov 17 13:58:11 2024 UTC (2 months, 1 week ago) by martin
Branches: netbsd-9
Diff to: previous 1.7.2.2: preferred, colored; branchpoint 1.7: preferred, colored; next MAIN 1.8: preferred, colored
Changes since revision 1.7.2.2: +9 -1 lines
Pull up following revision(s) (requested by riastradh in ticket #1918):

	usr.sbin/npf/npftest/npftest.conf: revision 1.10
	usr.sbin/npf/npftest/npftest.conf: revision 1.11
	usr.sbin/npf/npftest/npftest.conf: revision 1.12
	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.17
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.20
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.22
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.23
	tests/net/npf/t_npf.sh: revision 1.5
	tests/net/npf/t_npf.sh: revision 1.6
	tests/net/npf/t_npf.sh: revision 1.7

npftest: Add AF_* parameter to test cases.
No functional change intended.
Preparation to add test cases for:
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Add a test to match groups of IPv6 addresses.
The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Fix newly added test.
- Adapt new test to actually exercise new rules.
- Mark the right test xfail.
PR bin/55403: npfctl miscompiles IPv6 rules


npftest: Expand test cases to cover more compiler paths.
Cover masked ranges with full- and partial-word sizes.
PR bin/55403: npfctl miscompiles IPv6 rules


npfctl(8): Fix compiling multiword comparisons, i.e., IPv6 addrs.
PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.9.6.1: download - view: text, markup, annotated - select for diffs
Sun Nov 17 13:18:58 2024 UTC (2 months, 1 week ago) by martin
Branches: netbsd-10
CVS tags: netbsd-10-1-RELEASE
Diff to: previous 1.9: preferred, colored; next MAIN 1.10: preferred, colored
Changes since revision 1.9: +9 -1 lines
Pull up following revision(s) (requested by riastradh in ticket #1002):

	usr.sbin/npf/npftest/npftest.conf: revision 1.10
	usr.sbin/npf/npftest/npftest.conf: revision 1.11
	usr.sbin/npf/npftest/npftest.conf: revision 1.12
	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.17
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.20
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.22
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.23
	tests/net/npf/t_npf.sh: revision 1.5
	tests/net/npf/t_npf.sh: revision 1.6
	tests/net/npf/t_npf.sh: revision 1.7

npftest: Add AF_* parameter to test cases.
No functional change intended.
Preparation to add test cases for:
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Add a test to match groups of IPv6 addresses.
The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Fix newly added test.
- Adapt new test to actually exercise new rules.
- Mark the right test xfail.
PR bin/55403: npfctl miscompiles IPv6 rules

npftest: Expand test cases to cover more compiler paths.
Cover masked ranges with full- and partial-word sizes.
PR bin/55403: npfctl miscompiles IPv6 rules

npfctl(8): Fix compiling multiword comparisons, i.e., IPv6 addrs.
PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.12: download - view: text, markup, annotated - select for diffs
Wed Oct 30 11:03:32 2024 UTC (2 months, 3 weeks ago) by riastradh
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +2 -2 lines
npftest: Expand test cases to cover more compiler paths.

Cover masked ranges with full- and partial-word sizes.

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.11: download - view: text, markup, annotated - select for diffs
Wed Oct 30 10:12:32 2024 UTC (2 months, 3 weeks ago) by riastradh
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -3 lines
npftest: Fix newly added test.

- Adapt new test to actually exercise new rules.
- Mark the right test xfail.

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Oct 29 22:24:30 2024 UTC (2 months, 3 weeks ago) by riastradh
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +8 -1 lines
npftest: Add a test to match groups of IPv6 addresses.

The npf_rule test group is now an xfail.  (npftest doesn't have a way
to mark individual cases in a test group as xfail, so this will have
to do for now.)

PR bin/55403: npfctl miscompiles IPv6 rules

Revision 1.7.2.2: download - view: text, markup, annotated - select for diffs
Sat Jun 20 15:46:48 2020 UTC (4 years, 7 months ago) by martin
Branches: netbsd-9
CVS tags: netbsd-9-4-RELEASE, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE
Diff to: previous 1.7.2.1: preferred, colored; branchpoint 1.7: preferred, colored
Changes since revision 1.7.2.1: +4 -1 lines
Pull up following revision(s) (requested by rmind in ticket #956):

	usr.sbin/npf/npf-params.7: revision 1.4
	sys/net/npf/npf_worker.c: revision 1.9
	usr.sbin/npf/npftest/npftest.h: revision 1.17
	usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.16
	usr.sbin/npf/npf-params.7: revision 1.5
	sys/net/npf/npf_state_tcp.c: revision 1.21
	usr.sbin/npf/npfctl/npf_build.c: revision 1.55
	usr.sbin/npf/npf-params.7: revision 1.6
	sys/net/npf/npfkern.h: revision 1.5
	lib/libnpf/npf.c: revision 1.49
	usr.sbin/npf/npf-params.7: revision 1.7
	sys/net/npf/npf_impl.h: revision 1.81
	sys/net/npf/npf_ext_log.c: revision 1.17
	usr.sbin/npf/npfctl/npfctl.h: revision 1.53
	usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c: revision 1.11
	sys/net/npf/npf_nat.c: revision 1.50
	sys/net/npf/npf_mbuf.c: revision 1.24
	sys/net/npf/npf_alg.c: revision 1.22
	usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.14
	usr.sbin/npf/npftest/libnpftest/npf_conn_test.c: file removal
	usr.sbin/npf/npftest/libnpftest/npf_state_test.c: revision 1.10
	sys/net/npf/npf.h: revision 1.63
	usr.sbin/npf/npftest/libnpftest/npf_test.h: revision 1.21
	usr.sbin/npf/npfctl/npf_var.c: revision 1.13
	sys/net/npf/files.npf: revision 1.23
	usr.sbin/npf/npfctl/npf_show.c: revision 1.32
	usr.sbin/npf/npfctl/npf.conf.5: revision 1.91
	sys/net/npf/npf_os.c: revision 1.18
	sys/net/npf/npf_connkey.c: revision 1.2
	sys/net/npf/npf_conf.c: revision 1.17
	lib/libnpf/libnpf.3: revision 1.12
	usr.sbin/npf/npftest/npftest.c: revision 1.25
	usr.sbin/npf/npftest/libnpftest/npf_gc_test.c: revision 1.1
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.51
	sys/net/npf/npf_tableset.c: revision 1.35
	usr.sbin/npf/npftest/npftest.conf: revision 1.9
	sys/net/npf/npf_sendpkt.c: revision 1.22
	usr.sbin/npf/npfctl/npf_var.h: revision 1.10
	sys/net/npf/npf_state.c: revision 1.23
	sys/net/npf/npf_conn.h: revision 1.20
	usr.sbin/npf/npfctl/npfctl.c: revision 1.64
	usr.sbin/npf/npfctl/npf_cmd.c: revision 1.1
	sys/net/npf/npf_portmap.c: revision 1.5
	sys/net/npf/npf_params.c: revision 1.3
	usr.sbin/npf/npfctl/npf_scan.l: revision 1.32
	tests/net/npf/t_npf.sh: revision 1.4
	sys/net/npf/npf_ext_rndblock.c: revision 1.9
	lib/libnpf/npf.h: revision 1.39
	sys/net/npf/npf_ruleset.c: revision 1.51
	sys/net/npf/npf_alg_icmp.c: revision 1.33
	sys/net/npf/npf.c: revision 1.43
	usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.17
	usr.sbin/npf/npfctl/npfctl.8: revision 1.25
	sys/net/npf/npf_ctl.c: revision 1.60
	usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.18
	usr.sbin/npf/npftest/libnpftest/Makefile: revision 1.11
	sys/net/npf/npf_handler.c: revision 1.49
	sys/net/npf/npf_inet.c: revision 1.57
	sys/net/npf/npf_ifaddr.c: revision 1.7
	sys/net/npf/npf_conndb.c: revision 1.9
	sys/net/npf/npf_if.c: revision 1.13
	usr.sbin/npf/npfctl/Makefile: revision 1.15
	sys/net/npf/npf_conn.c: revision 1.32
	sys/net/npf/npf_ext_normalize.c: revision 1.10
	sys/net/npf/npf_rproc.c: revision 1.20
	sys/net/npf/npf_worker.c: revision 1.8

Major NPF improvements (merge from upstream):
- Switch to the C11-style atomic primitives using atomic_loadstore(9).
- npfkern: introduce the 'state.key.interface' and 'state.key.direction'
  settings.  Users can now choose whether the connection state should be
  strictly per-interface or global at the configuration level.  Keep NAT
  logic to be always per-interface, though.
- npfkern: rewrite the G/C worker logic and make it self-tuning.
- npfkern and libnpf: multiple bug fixes; add param exporting; introduce
  more parameters.  Remove npf_nvlist_{copyin,copyout}() functions and
  refactor npfctl_load_nvlist() with others; add npfctl_run_op() to have
  a single entry point for operations.  Introduce npf_flow_t and clean up
  some code.
- npfctl: lots of fixes for the 'npfctl show' logic; make 'npfctl list'
  more informative; misc usability improvements and more user-friendly
  error messages.
- Amend and improve the manual pages.

npf_worker_sys{init,fini}: initialize/destroy the exit_cv condvar.

npftest -- npf_test_init(): add a workaround for NetBSD.

npf-params(7): fix the state.key defaults.

npf-params.7: s/filer/filter/

Adjust to "npfctl debug" command line changes, from rmind@.

Use more markup.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat May 30 14:16:56 2020 UTC (4 years, 7 months ago) by rmind
Branches: MAIN
CVS tags: perseant-exfatfs-base-20240630, perseant-exfatfs-base, perseant-exfatfs, netbsd-10-base, netbsd-10-0-RELEASE, netbsd-10-0-RC6, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Branch point for: netbsd-10
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +4 -1 lines
Major NPF improvements (merge from upstream):

- Switch to the C11-style atomic primitives using atomic_loadstore(9).

- npfkern: introduce the 'state.key.interface' and 'state.key.direction'
  settings.  Users can now choose whether the connection state should be
  strictly per-interface or global at the configuration level.  Keep NAT
  logic to be always per-interface, though.

- npfkern: rewrite the G/C worker logic and make it self-tuning.

- npfkern and libnpf: multiple bug fixes; add param exporting; introduce
  more parameters.  Remove npf_nvlist_{copyin,copyout}() functions and
  refactor npfctl_load_nvlist() with others; add npfctl_run_op() to have
  a single entry point for operations.  Introduce npf_flow_t and clean up
  some code.

- npfctl: lots of fixes for the 'npfctl show' logic; make 'npfctl list'
  more informative; misc usability improvements and more user-friendly
  error messages.

- Amend and improve the manual pages.

Revision 1.5.26.2: download - view: text, markup, annotated - select for diffs
Mon Apr 13 08:05:55 2020 UTC (4 years, 9 months ago) by martin
Branches: phil-wifi
Diff to: previous 1.5.26.1: preferred, colored; branchpoint 1.5: preferred, colored; next MAIN 1.6: preferred, colored
Changes since revision 1.5.26.1: +2 -1 lines
Mostly merge changes from HEAD upto 20200411

Revision 1.7.2.1: download - view: text, markup, annotated - select for diffs
Fri Oct 4 08:06:35 2019 UTC (5 years, 3 months ago) by martin
Branches: netbsd-9
CVS tags: netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
Pull up following revision(s) (requested by rmind in ticket #282):

	usr.sbin/npf/npfctl/npf_build.c: revision 1.53
	lib/libnpf/npf.c: revision 1.48
	usr.sbin/npf/npfctl/npfctl.h: revision 1.50
	sys/net/npf/npf_impl.h: revision 1.80
	usr.sbin/npf/npfctl/npfctl.h: revision 1.51
	sys/net/npf/npf_ruleset.c: revision 1.49
	usr.sbin/npf/npfctl/npf.conf.5: revision 1.90
	sys/net/npf/npf_ctl.c: revision 1.59
	lib/libnpf/libnpf.3: revision 1.11
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.50
	usr.sbin/npf/npftest/npftest.conf: revision 1.8
	usr.sbin/npf/npfctl/npfctl.c: revision 1.62
	usr.sbin/npf/npfctl/npfctl.c: revision 1.63
	usr.sbin/npf/npfctl/npf_scan.l: revision 1.30
	usr.sbin/npf/npfctl/npfctl.8: revision 1.22
	lib/libnpf/npf.h: revision 1.38
	usr.sbin/npf/npfctl/npfctl.8: revision 1.23
	usr.sbin/npf/npfctl/npfctl.8: revision 1.24
	sys/net/npf/npf_if.c: revision 1.11
	sys/net/npf/npf_if.c: revision 1.12
	usr.sbin/npf/npfctl/npf.conf.5: revision 1.89
	sys/net/npf/npf_conn.c: revision 1.30
	usr.sbin/npf/npfctl/npf_build.c: revision 1.52

npfctl: implement table replace subcommand.
Contributed by Timshel Knoll-Miller.

NPF ifmap: rework and fix a few small bugs.

npfctl: implement table replace subcommand.
Contributed by Timshel Knoll-Miller.
(missed a file in previous commit; cvs is so helpful..)

libnpf/npfctl: support dynamic NAT rulesets using a name prefix.

Use -width Pa for FILES.

Fix pasto in table replace -t type

Use -width Pa for FILES.

npf_ifmap_copylogname: be more defensive.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Mon Sep 30 00:37:11 2019 UTC (5 years, 3 months ago) by rmind
Branches: MAIN
CVS tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, is-mlppp-base, is-mlppp
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
libnpf/npfctl: support dynamic NAT rulesets using a name prefix.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Tue Jul 23 00:52:02 2019 UTC (5 years, 6 months ago) by rmind
Branches: MAIN
CVS tags: netbsd-9-base
Branch point for: netbsd-9
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -1 lines
NPF improvements:
- Add support for dynamic NETMAP algorithm (stateful net-to-net).
- Add most of the support for the dynamic NAT rules; a little bit more
  userland work is needed to finish this up and enable.
- Replace 'stateful-ends' with more permissive 'stateful-all'.
- Add various tunable parameters and document them, see npf-params(7).
- Reduce the memory usage of the connection state table (conndb).
- Portmap rewrite: use memory more efficiently, handle addresses dynamically.
- Bug fix: add splsoftnet()/splx() around the thmap writers and comment.
- npftest: clean up and simplify; fix some memleaks to make ASAN happy.

Revision 1.5.26.1: download - view: text, markup, annotated - select for diffs
Mon Jun 10 22:10:35 2019 UTC (5 years, 7 months ago) by christos
Branches: phil-wifi
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +11 -4 lines
Sync with HEAD

Revision 1.5.24.1: download - view: text, markup, annotated - select for diffs
Sat Jan 26 22:00:39 2019 UTC (6 years ago) by pgoyette
Branches: pgoyette-compat
CVS tags: pgoyette-compat-merge-20190127
Diff to: previous 1.5: preferred, colored; next MAIN 1.6: preferred, colored
Changes since revision 1.5: +11 -4 lines
Sync with HEAD

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sat Jan 19 21:19:32 2019 UTC (6 years ago) by rmind
Branches: MAIN
CVS tags: phil-wifi-20190609, pgoyette-compat-20190127
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +11 -4 lines
Major NPF improvements:
- Convert NPF connection table to thmap.  State lookup is now lock-free.
- Improve connection state G/C: it is now incremental and tunable.
- Add support for dynamic NAT address.  Translation addresses can now be
  selected from a pool of addresses.  There are two selection algorithms,
  "ip-hash" and "round-robin" (see the man page).
- Translation address can be specified as e.g. ifaddrs(wm0) in npf.conf
  to dynamically choose an IP from the interface address(es).
- Add support for the NETMAP algorithm with static NAT for net-to-net
  translation (it is equivalent to iptables NETMAP logic).
- Convert 'ipset' tables to use thmap; the table lookup is now lock-free.
- Misc improvements, bug fixes and more unit tests.
- Bump NPF_VERSION (will also bump libnpf).

Revision 1.1.4.2: download - view: text, markup, annotated - select for diffs
Wed Aug 20 00:05:11 2014 UTC (10 years, 5 months ago) by tls
Branches: tls-maxphys
Diff to: previous 1.1.4.1: preferred, colored; branchpoint 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1.4.1: +18 -5 lines
Rebase to HEAD as of a few days ago.

Revision 1.1.6.3: download - view: text, markup, annotated - select for diffs
Thu May 22 11:43:07 2014 UTC (10 years, 8 months ago) by yamt
Branches: yamt-pagecache
Diff to: previous 1.1.6.2: preferred, colored; branchpoint 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1.6.2: +18 -4 lines
sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.5: download - view: text, markup, annotated - select for diffs
Thu Feb 13 03:34:40 2014 UTC (10 years, 11 months ago) by rmind
Branches: MAIN
CVS tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, pgoyette-localcount-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, pgoyette-localcount, pgoyette-compat-base, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-8-base, netbsd-8-3-RELEASE, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, matt-nb8-mediatek-base, matt-nb8-mediatek, localcount-20160914, bouyer-socketcan-base1, bouyer-socketcan-base, bouyer-socketcan
Branch point for: phil-wifi, pgoyette-compat
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +9 -1 lines
NPF: add support for IPv6-to-IPv6 Network Prefix Translation (NPTv6),
as per RFC 6296.  Add a unit test.  Also, bump NPF_VERSION.

Thanks to S.P.Zeidler for the help with NPTv6 work!

Revision 1.4: download - view: text, markup, annotated - select for diffs
Fri Feb 7 23:45:22 2014 UTC (10 years, 11 months ago) by rmind
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +6 -1 lines
NPF: add support for static (stateless) NAT.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon Sep 23 15:30:32 2013 UTC (11 years, 4 months ago) by rmind
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +5 -5 lines
Update npftest.conf for the recent syntax adjustments.

Revision 1.1.4.1: download - view: text, markup, annotated - select for diffs
Mon Feb 25 00:30:47 2013 UTC (11 years, 11 months ago) by tls
Branches: tls-maxphys
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -1 lines
resync with head

Revision 1.1.2.3: download - view: text, markup, annotated - select for diffs
Mon Feb 11 21:49:49 2013 UTC (11 years, 11 months ago) by riz
Branches: netbsd-6
CVS tags: netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1
Diff to: previous 1.1.2.2: preferred, colored; branchpoint 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1.2.2: +2 -1 lines
Pull up following revision(s) (requested by rmind in ticket #817):
	usr.sbin/npf/npfctl/npfctl.8: revision 1.12
	usr.sbin/npf/npfctl/npf.conf.5: revision 1.27
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.18
	usr.sbin/npf/npfctl/npf_build.c: revision 1.20
	usr.sbin/npf/npfctl/npfctl.c: revision 1.28
	lib/libnpf/npf.c: revision 1.16
	usr.sbin/npf/npfctl/npfctl.c: revision 1.29
	lib/libnpf/npf.c: revision 1.17
	sys/modules/npf/Makefile: revision 1.12
	sys/net/npf/npf_rproc.c: revision 1.6
	usr.sbin/npf/npftest/README: revision 1.4
	sys/net/npf/npf_tableset.c: revision 1.17
	sys/net/npf/npf_ctl.c: revision 1.21
	sys/net/npf/npf_ctl.c: revision 1.22
	usr.sbin/npf/npfctl/npfctl.h: revision 1.25
	lib/libnpf/npf.h: revision 1.13
	usr.sbin/npf/npftest/npftest.conf: revision 1.2
	usr.sbin/npf/npfctl/npfctl.h: revision 1.26
	sys/net/npf/npf_ruleset.c: revision 1.17
	lib/libnpf/npf.h: revision 1.14
	sys/net/npf/npf_ruleset.c: revision 1.18
	sys/net/npf/npf_conf.c: revision 1.1
	usr.sbin/npf/npfctl/npf_scan.l: revision 1.10
	sys/net/npf/npf_conf.c: revision 1.2
	sys/net/npf/npf_instr.c: revision 1.16
	sys/net/npf/npf_handler.c: revision 1.26
	sys/net/npf/npf_impl.h: revision 1.26
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.14
	sys/net/npf/npf_processor.c: revision 1.15
	sys/net/npf/npf_impl.h: revision 1.27
	sys/net/npf/npf_alg_icmp.c: revision 1.15
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.15
	usr.sbin/npf/npfctl/npf_disassemble.c: revision 1.16
	sys/net/npf/npf_ncode.h: revision 1.11
	sys/net/npf/files.npf: revision 1.10
	usr.sbin/npf/npftest/Makefile: revision 1.4
	usr.sbin/npf/npfctl/npfctl.c: revision 1.30
	lib/libnpf/npf.3: revision 1.8
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.4
	sys/net/npf/npf_session.c: revision 1.21
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.5
	usr.sbin/npf/npfctl/npf_build.c: revision 1.18
	usr.sbin/npf/npfctl/npf_build.c: revision 1.19
	sys/net/npf/npf_alg.c: revision 1.7
	usr.sbin/npf/npfctl/Makefile: revision 1.10
	sys/net/npf/npf_inet.c: revision 1.21
	sys/net/npf/npf.h: revision 1.26
	sys/net/npf/npf.h: revision 1.27
	usr.sbin/pf/ftp-proxy/Makefile: revision 1.8
	sys/net/npf/npf_nat.c: revision 1.19
	sys/net/npf/npf.c: revision 1.15
	sys/net/npf/npf_state.c: revision 1.14
	sys/net/npf/npf_sendpkt.c: revision 1.14
	sys/rump/net/lib/libnpf/Makefile: revision 1.4
IPv6 linklocal address printing cosmetics
NPF:
- Implement dynamic NPF rules.  Controlled through npf(3) library of via
  npfctl rule command.  A rule can be removed using a unique identifier,
  returned on addition, or using a key which is SHA1 hash of the rule.
  Adjust npftest and add a regression test.
- Improvements to rule inspection mechanism.
- Initial BPF support as an alternative to n-code.
- Minor fixes; bump the version.
Disable -DWITH_NPF for now; will be converted to BPF mechanism.
- Fix NPF config reload with dynamic rules present.
- Implement list and flush commands on a dynamic ruleset.
Allow filtering on IP addresses even if the L4 protocol is unknown.
Patch from spz@.
npftest: adjust for recent change.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Sat Feb 9 03:35:33 2013 UTC (11 years, 11 months ago) by rmind
Branches: MAIN
CVS tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, agc-symver-base, agc-symver
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -1 lines
NPF:
- Implement dynamic NPF rules.  Controlled through npf(3) library of via
  npfctl rule command.  A rule can be removed using a unique identifier,
  returned on addition, or using a key which is SHA1 hash of the rule.
  Adjust npftest and add a regression test.
- Improvements to rule inspection mechanism.
- Initial BPF support as an alternative to n-code.
- Minor fixes; bump the version.

Revision 1.1.6.2: download - view: text, markup, annotated - select for diffs
Tue Oct 30 19:00:46 2012 UTC (12 years, 2 months ago) by yamt
Branches: yamt-pagecache
CVS tags: yamt-pagecache-tag8
Diff to: previous 1.1.6.1: preferred, colored; branchpoint 1.1: preferred, colored
Changes since revision 1.1.6.1: +41 -0 lines
sync with head

Revision 1.1.2.2: download - view: text, markup, annotated - select for diffs
Mon Aug 13 17:49:52 2012 UTC (12 years, 5 months ago) by riz
Branches: netbsd-6
CVS tags: netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus
Diff to: previous 1.1.2.1: preferred, colored; branchpoint 1.1: preferred, colored
Changes since revision 1.1.2.1: +41 -0 lines
Pull up following revision(s) (requested by rmind in ticket #485):
	lib/libnpf/npf.c: revision 1.11
	sys/net/npf/npf_session.c: revision 1.17
	sys/modules/npf/Makefile: revision 1.10
	usr.sbin/npf/npftest/npftest.c: revision 1.4
	usr.sbin/npf/npftest/README: revision 1.1
	sys/net/npf/npf_tableset.c: revision 1.14
	usr.sbin/npf/npftest/npftest.h: revision 1.4
	lib/libnpf/npf.h: revision 1.10
	sys/net/npf/npf_ruleset.c: revision 1.14
	usr.sbin/npf/npfctl/npf_data.c: revision 1.18
	usr.sbin/npf/npftest/npftest.conf: revision 1.1
	sys/net/npf/npf_handler.c: revision 1.21
	sys/net/npf/npf_impl.h: revision 1.21
	usr.sbin/npf/npfctl/npfctl.c: revision 1.18
	usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.1
	usr.sbin/npf/npfctl/npf_build.c: revision 1.13
	usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.1
	usr.sbin/npf/npftest/npfstream.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/Makefile: revision 1.4
	usr.sbin/npf/npfctl/npfctl.h: revision 1.19
	sys/net/npf/npf_nat.c: revision 1.16
	sys/net/npf/npf_state.c: revision 1.11
	usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.3
	usr.sbin/npf/npftest/libnpftest/npf_test.h: revision 1.5
	usr.sbin/npf/npfctl/npf_parse.y: revision 1.12
- Extend npftest: add ruleset inspection testing from the config generated
  by npfctl debug functionality.  Auto-create npftest interfaces for this.
- NPF sessions: combine protocol and interface into a separate substructure,
  share between the entries and thus fix the handling of them.  Constify.
- npftest: add regression tests for NAT policies.
- npf_build_nat: simplify and fix bi-NAT regression.
- Bump yacc stack size for npfctl.

Revision 1.1.6.1
Sun Aug 12 03:35:14 2012 UTC (12 years, 5 months ago) by yamt
Branches: yamt-pagecache
FILE REMOVED
Changes since revision 1.1: +0 -41 lines
file npftest.conf was added on branch yamt-pagecache on 2012-10-30 19:00:46 +0000

Revision 1.1.2.1
Sun Aug 12 03:35:14 2012 UTC (12 years, 5 months ago) by riz
Branches: netbsd-6
FILE REMOVED
Changes since revision 1.1: +0 -41 lines
file npftest.conf was added on branch netbsd-6 on 2012-08-13 17:49:52 +0000

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Aug 12 03:35:14 2012 UTC (12 years, 5 months ago) by rmind
Branches: MAIN
CVS tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6
Branch point for: yamt-pagecache, tls-maxphys, netbsd-6
- Extend npftest: add ruleset inspection testing from the config generated
  by npfctl debug functionality.  Auto-create npftest interfaces for this.
- NPF sessions: combine protocol and interface into a separate substructure,
  share between the entries and thus fix the handling of them.  Constify.
- npftest: add regression tests for NAT policies.
- npf_build_nat: simplify and fix bi-NAT regression.
- Bump yacc stack size for npfctl.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>