| #
096efeb6 |
| 20-Jan-2025 |
Kristof Provost <kp@FreeBSD.org> |
pfctl: follow rpool -> rdr rename
In e11dacbf8484adc7bbb61b20fee3ab8385745925 the redirect pool was renamed from
rpool to rdr. It included backwards compatibility support for libpfctl users,
but did
pfctl: follow rpool -> rdr rename
In e11dacbf8484adc7bbb61b20fee3ab8385745925 the redirect pool was renamed from
rpool to rdr. It included backwards compatibility support for libpfctl users,
but didn't fully implement the rename in our own code.
Do so now. No functional change.
Sponsored by: Rubicon Communications, LLC ("Netgate")
show more ...
|
|
Revision tags: release/14.2.0, release/13.4.0 |
|
| #
ba2a9207 |
| 07-Jun-2024 |
Kristof Provost <kp@FreeBSD.org> |
pf: convert DIOCBEGINADDRS to netlink
|
| #
71d3c704 |
| 31-May-2024 |
Kristof Provost <kp@FreeBSD.org> |
pf: convert DIOCNATLOOK to netlink
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
|
Revision tags: release/14.1.0 |
|
| #
5824df8d |
| 23-Mar-2024 |
Kristof Provost <kp@FreeBSD.org> |
pf: convert DIOCGETSTATUS to netlink
Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant
use netlink to obtain the information.
Sponsored by: Rubicon Communications, LL
pf: convert DIOCGETSTATUS to netlink
Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant
use netlink to obtain the information.
Sponsored by: Rubicon Communications, LLC ("Netgate")
show more ...
|
| #
044243fc |
| 24-Apr-2024 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: allow access to the fd
pfctl_open() opens both /dev/pf and a netlink socket. Allow access to the /dev/
pf fd via pfctl_fd().
This means that libpfctl users no longer have to open /dev/pf t
libpfctl: allow access to the fd
pfctl_open() opens both /dev/pf and a netlink socket. Allow access to the /dev/
pf fd via pfctl_fd().
This means that libpfctl users no longer have to open /dev/pf themselves for any
calls that are not yet available in libpfctl.
Sponsored by: Rubicon Communications, LLC ("Netgate")
MFC after: 2 weeks
show more ...
|
|
Revision tags: release/13.3.0 |
|
| #
324fd7ec |
| 04-Jan-2024 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: introduce a handle-enabled variant of pfctl_add_rule()
Introduce pfctl_add_rule_h(), which takes a pfctl_handle rather than a
file descriptor (which it didn't use). This means that library
libpfctl: introduce a handle-enabled variant of pfctl_add_rule()
Introduce pfctl_add_rule_h(), which takes a pfctl_handle rather than a
file descriptor (which it didn't use). This means that library users can
open the handle while they're running as root, but later drop privileges
and still add rules to pf.
Sponsored by: Rubicon Communications, LLC ("Netgate")
show more ...
|
|
Revision tags: release/14.0.0 |
|
| #
ddd08375 |
| 29-Aug-2023 |
Kristof Provost <kp@FreeBSD.org> |
pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS
Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
the
pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS
Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
there already is an nvlist-based alternative.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41647
show more ...
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0 |
|
| #
8923ea6c |
| 01-Jul-2021 |
Kristof Provost <kp@FreeBSD.org> |
ftp-proxy: Revert incorrect migration to libpfctl
libpfctl supports creating rules, but not (yet) adding addresses to a
pool. Adding addresses certainly does not work through adding a rule.
PR: 25
ftp-proxy: Revert incorrect migration to libpfctl
libpfctl supports creating rules, but not (yet) adding addresses to a
pool. Adding addresses certainly does not work through adding a rule.
PR: 256917
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
show more ...
|
|
Revision tags: release/13.0.0 |
|
| #
e9eb0941 |
| 08-Apr-2021 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: Switch to pfctl_rule
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled
libpfctl: Switch to pfctl_rule
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29644
show more ...
|
| #
95be9288 |
| 29-Mar-2021 |
Kristof Provost <kp@FreeBSD.org> |
(t)ftp-proxy: use libpfctl
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29641
|
|
Revision tags: release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0, release/12.0.0, release/11.2.0, release/10.4.0, release/11.1.0, release/11.0.1, release/11.0.0, release/10.3.0, release/10.2.0, release/10.1.0, release/9.3.0, release/10.0.0, release/9.2.0, release/8.4.0, release/9.1.0, release/8.3.0_cvs, release/8.3.0, release/9.0.0 |
|
| #
935205e2 |
| 17-Jul-2011 |
Justin T. Gibbs <gibbs@FreeBSD.org> |
Integrate from Head into ZFSD feature branch as of revision r224141.
|
| #
23300944 |
| 30-Jun-2011 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r223696 to pick up dfr's userboot
|
| #
40a03457 |
| 28-Jun-2011 |
Attilio Rao <attilio@FreeBSD.org> |
MFC
|
| #
e0bfbfce |
| 28-Jun-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Update packet filter (pf) code to OpenBSD 4.5.
You need to update userland (world and ports) tools
to be in sync with the kernel.
Submitted by: mlaier
Submitted by: eri
|
|
Revision tags: release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0, release/8.1.0_cvs, release/8.1.0, release/7.3.0_cvs, release/7.3.0, release/8.0.0_cvs, release/8.0.0, release/7.2.0_cvs, release/7.2.0, release/7.1.0_cvs, release/7.1.0, release/6.4.0_cvs, release/6.4.0, release/7.0.0_cvs, release/7.0.0, release/6.3.0_cvs, release/6.3.0 |
|
| #
67ecd4f3 |
| 03-Jul-2007 |
Max Laier <mlaier@FreeBSD.org> |
Import pf userland from OpenBSD 4.1 and (for ftp-proxy) libevent 1.3b as
a local lib.
|
| #
fc515400 |
| 03-Jul-2007 |
Max Laier <mlaier@FreeBSD.org> |
This commit was generated by cvs2svn to compensate for changes in r171169,
which included commits to RCS files with non-trunk default branches.
|
| #
fc515400 |
| 03-Jul-2007 |
Max Laier <mlaier@FreeBSD.org> |
This commit was generated by cvs2svn to compensate for changes in r171169,
which included commits to RCS files with non-trunk default branches.
|
|
Revision tags: release/7.4.0_cvs, release/8.2.0_cvs, release/7.4.0, release/8.2.0, release/8.1.0_cvs, release/8.1.0, release/7.3.0_cvs, release/7.3.0, release/8.0.0_cvs, release/8.0.0, release/7.2.0_cvs, release/7.2.0, release/7.1.0_cvs, release/7.1.0, release/6.4.0_cvs, release/6.4.0, release/7.0.0_cvs, release/7.0.0, release/6.3.0_cvs, release/6.3.0 |
|
| #
67ecd4f3 |
| 03-Jul-2007 |
Max Laier <mlaier@FreeBSD.org> |
Import pf userland from OpenBSD 4.1 and (for ftp-proxy) libevent 1.3b as
a local lib.
|