[src/trunk]: src/usr.sbin/npf/npfctl G/C some todo items

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/usr.sbin/npf/npfctl G/C some todo items
From: rmind <rmind%NetBSD.org@localhost>
Date: Tue, 31 Jul 2018 18:14:13 +0000

details:   https://anonhg.NetBSD.org/src/rev/4fb64c90b726
branches:  trunk
changeset: 326702:4fb64c90b726
user:      rmind <rmind%NetBSD.org@localhost>
date:      Fri Feb 14 02:01:12 2014 +0000

description:
G/C some todo items

diffstat:

 usr.sbin/npf/npfctl/todo |  23 -----------------------
 1 files changed, 0 insertions(+), 23 deletions(-)

diffs (39 lines):

diff -r edbecdb79440 -r 4fb64c90b726 usr.sbin/npf/npfctl/todo
--- a/usr.sbin/npf/npfctl/todo  Fri Feb 14 01:52:58 2014 +0000
+++ b/usr.sbin/npf/npfctl/todo  Fri Feb 14 02:01:12 2014 +0000
@@ -7,35 +7,12 @@
    print the error messages. Or it should be called enable/disable since
    this is what it does. It does not "start" because like an engine with
    no fuel, an npf with no configuration does not do much.
--- able to specify interfaces before they are created
--- docs/examples out of date
 -- npf starts up too late (after traffic can go through)
--- need libpcap in /
 -- although the framework checks the file for consistency, returning EINVAL
    for system failures is probably not good enough. For example if a module
    failed to autoload, it is probably an error and it should be reported
    differently?
--- npf algorithms like icmp, are loaded via modules. Perhaps it is better
-   to have some config magic to autoload it instead of needing to run a
-   module command. algorithm "icmp" { }
 -- startup/stop script does not load and save session state
 -- add algo for "with short"
 -- implement "port-unr"
 -- implement block return-icmp in log final all with ipopts
-
-ok npf and dependent modules should autoload automagically as they are used
-ok have a way to register cloners? through a mapping file? consistently naming
-   the cloner modules? if_cloner? Split if_npflog from the ext_log module and
-   added autoloading for cloners.
-ok normalise -> normalize (the official project language is US/English)
-ok modules should move from /usr/lib to /lib
-ok parse dynamic map rule properly inet4($ext_if) does not work
-ok create npflog interface automatically
-ok need to bring interface npflog up
-ok parse 'port "ftp-data"' properly
-ok fix usage
-ok get better messages from the kernel when things fail: Ok with
-   DEBUG/DIAGNOSTIC, you get the file/line in the kernel that failed 
-   which is good enough.
-ok 'ifconfig npflog0 destroy; modunload if_npflog'. Remove dependency
-   on npf_ext_log module, since if_npflog can load and unload independently.

Prev by Date: [src/trunk]: src/sys/rump Register netisr's from component constructors inste...
Next by Date: [src/trunk]: src/doc Mention some NPF improvements: static (stateless) NAT, s...
Previous by Thread: [src/trunk]: src/sys/rump Register netisr's from component constructors inste...
Next by Thread: [src/trunk]: src/doc Mention some NPF improvements: static (stateless) NAT, s...
Indexes:

Home | Main Index | Thread Index | Old Index