Re: NPF documentation

[christos%astron.com@localhost (Christos Zoulas)]

In article <20130313142533.GA194%gmail.com@localhost>,
Pongthep Kulkrisada  <ptkrisada%gmail.com@localhost> wrote:
>Hi All,
>
>* Mindaugas Rasiukevicius (rmind%netbsd.org@localhost) wrote:
>> As those of you tracking source changes may have already noticed, there
>> have been various improvements to NPF over the last few months (e.g. support
>> for dynamic NPF rules).
>Very great to have listened this.
>I have posted an npf question in this list since Jan 2013.
>But there has been no reply.
>
>> Additionally, I created a web page for NPF documentation:
>> 
>> http://www.netbsd.org/~rmind/npf/
>Sorry, it seems that the doc is still not updated as in npf.conf(5)
>regarding interfaces.
>
>$ext_if = "wm0"
>should be changed to
>$ext_if = inet4(wm0)
>or inet6
>
>> NetBSD 6.1 has recently entered Release Candidate
>> stage, therefore wider testing would be more than welcome!
>Here's my minimal /etc/npf.conf.
>
># cat /etc/npf.conf
>$ext_if = inet4(pcn0)
>
>procedure "log" {
>       log: npflog0
>}
>
>procedure "norm" {
>       normalise: "random-id"
>}
>
>group (name "external", interface $ext_if) {
>       pass all
>}
>
>group (default) {
>       pass final on lo0 all
>       block all
>}
>
>This configuration results in an error.
>
># npfctl reload
>/etc/npf.conf:5:1: invalid parameter 'npflog0' near '}'

This happens if the module is not loaded and the interface has not
been created. I have fixed all these issues on head.

christos