CVS commit: src

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src
From: "Mindaugas Rasiukevicius" <rmind%netbsd.org@localhost>
Date: Sat, 19 Jan 2019 21:19:33 +0000

Module Name:    src
Committed By:   rmind
Date:           Sat Jan 19 21:19:32 UTC 2019

Modified Files:
        src/lib/libnpf: libnpf.3 npf.c npf.h
        src/sys/net/npf: npf.c npf.h npf_alg.c npf_conn.c npf_conn.h
            npf_conndb.c npf_ctl.c npf_ifaddr.c npf_impl.h npf_inet.c npf_nat.c
            npf_tableset.c npf_worker.c
        src/usr.sbin/npf: npf.7
        src/usr.sbin/npf/npfctl: npf.conf.5 npf_build.c npf_data.c npf_parse.y
            npf_scan.l npf_show.c npf_var.c npfctl.8 npfctl.c npfctl.h
        src/usr.sbin/npf/npftest: npfstream.c npftest.c npftest.conf npftest.h
        src/usr.sbin/npf/npftest/libnpftest: Makefile npf_bpf_test.c
            npf_mbuf_subr.c npf_nat_test.c npf_nbuf_test.c npf_perf_test.c
            npf_rule_test.c npf_state_test.c npf_table_test.c npf_test.h
            npf_test_subr.c
Added Files:
        src/usr.sbin/npf/npftest/libnpftest: npf_conn_test.c

Log Message:
Major NPF improvements:
- Convert NPF connection table to thmap.  State lookup is now lock-free.
- Improve connection state G/C: it is now incremental and tunable.
- Add support for dynamic NAT address.  Translation addresses can now be
  selected from a pool of addresses.  There are two selection algorithms,
  "ip-hash" and "round-robin" (see the man page).
- Translation address can be specified as e.g. ifaddrs(wm0) in npf.conf
  to dynamically choose an IP from the interface address(es).
- Add support for the NETMAP algorithm with static NAT for net-to-net
  translation (it is equivalent to iptables NETMAP logic).
- Convert 'ipset' tables to use thmap; the table lookup is now lock-free.
- Misc improvements, bug fixes and more unit tests.
- Bump NPF_VERSION (will also bump libnpf).


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/lib/libnpf/libnpf.3
cvs rdiff -u -r1.44 -r1.45 src/lib/libnpf/npf.c
cvs rdiff -u -r1.34 -r1.35 src/lib/libnpf/npf.h
cvs rdiff -u -r1.36 -r1.37 src/sys/net/npf/npf.c
cvs rdiff -u -r1.58 -r1.59 src/sys/net/npf/npf.h
cvs rdiff -u -r1.18 -r1.19 src/sys/net/npf/npf_alg.c
cvs rdiff -u -r1.25 -r1.26 src/sys/net/npf/npf_conn.c
cvs rdiff -u -r1.14 -r1.15 src/sys/net/npf/npf_conn.h
cvs rdiff -u -r1.4 -r1.5 src/sys/net/npf/npf_conndb.c \
    src/sys/net/npf/npf_ifaddr.c
cvs rdiff -u -r1.52 -r1.53 src/sys/net/npf/npf_ctl.c \
    src/sys/net/npf/npf_inet.c
cvs rdiff -u -r1.73 -r1.74 src/sys/net/npf/npf_impl.h
cvs rdiff -u -r1.44 -r1.45 src/sys/net/npf/npf_nat.c
cvs rdiff -u -r1.28 -r1.29 src/sys/net/npf/npf_tableset.c
cvs rdiff -u -r1.5 -r1.6 src/sys/net/npf/npf_worker.c
cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/npf/npf.7
cvs rdiff -u -r1.83 -r1.84 src/usr.sbin/npf/npfctl/npf.conf.5
cvs rdiff -u -r1.46 -r1.47 src/usr.sbin/npf/npfctl/npf_build.c \
    src/usr.sbin/npf/npfctl/npfctl.h
cvs rdiff -u -r1.29 -r1.30 src/usr.sbin/npf/npfctl/npf_data.c
cvs rdiff -u -r1.47 -r1.48 src/usr.sbin/npf/npfctl/npf_parse.y
cvs rdiff -u -r1.27 -r1.28 src/usr.sbin/npf/npfctl/npf_scan.l
cvs rdiff -u -r1.26 -r1.27 src/usr.sbin/npf/npfctl/npf_show.c
cvs rdiff -u -r1.11 -r1.12 src/usr.sbin/npf/npfctl/npf_var.c
cvs rdiff -u -r1.20 -r1.21 src/usr.sbin/npf/npfctl/npfctl.8
cvs rdiff -u -r1.56 -r1.57 src/usr.sbin/npf/npfctl/npfctl.c
cvs rdiff -u -r1.7 -r1.8 src/usr.sbin/npf/npftest/npfstream.c
cvs rdiff -u -r1.22 -r1.23 src/usr.sbin/npf/npftest/npftest.c
cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/npf/npftest/npftest.conf
cvs rdiff -u -r1.15 -r1.16 src/usr.sbin/npf/npftest/npftest.h
cvs rdiff -u -r1.9 -r1.10 src/usr.sbin/npf/npftest/libnpftest/Makefile \
    src/usr.sbin/npf/npftest/libnpftest/npf_bpf_test.c
cvs rdiff -u -r0 -r1.1 src/usr.sbin/npf/npftest/libnpftest/npf_conn_test.c
cvs rdiff -u -r1.7 -r1.8 src/usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c \
    src/usr.sbin/npf/npftest/libnpftest/npf_state_test.c
cvs rdiff -u -r1.10 -r1.11 src/usr.sbin/npf/npftest/libnpftest/npf_nat_test.c \
    src/usr.sbin/npf/npftest/libnpftest/npf_table_test.c
cvs rdiff -u -r1.6 -r1.7 src/usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c \
    src/usr.sbin/npf/npftest/libnpftest/npf_perf_test.c
cvs rdiff -u -r1.15 -r1.16 \
    src/usr.sbin/npf/npftest/libnpftest/npf_rule_test.c
cvs rdiff -u -r1.17 -r1.18 src/usr.sbin/npf/npftest/libnpftest/npf_test.h
cvs rdiff -u -r1.13 -r1.14 \
    src/usr.sbin/npf/npftest/libnpftest/npf_test_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch
Next by Date: CVS commit: src/doc
Previous by Thread: CVS commit: src/sys/arch
Next by Thread: CVS commit: src/doc
Indexes:

Home | Main Index | Thread Index | Old Index