Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/usr.sbin/npf/npfctl Wrap long lines, so that nothing overflows.



details:   https://anonhg.NetBSD.org/src/rev/60af329ae42d
branches:  trunk
changeset: 433564:60af329ae42d
user:      maxv <maxv%NetBSD.org@localhost>
date:      Fri Sep 21 07:22:26 2018 +0000

description:
Wrap long lines, so that nothing overflows.

diffstat:

 usr.sbin/npf/npfctl/npf.conf.5 |  28 ++++++++++++++++++----------
 1 files changed, 18 insertions(+), 10 deletions(-)

diffs (70 lines):

diff -r 8dec1da76c30 -r 60af329ae42d usr.sbin/npf/npfctl/npf.conf.5
--- a/usr.sbin/npf/npfctl/npf.conf.5    Fri Sep 21 06:02:50 2018 +0000
+++ b/usr.sbin/npf/npfctl/npf.conf.5    Fri Sep 21 07:22:26 2018 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: npf.conf.5,v 1.76 2018/09/19 15:36:12 maxv Exp $
+.\"    $NetBSD: npf.conf.5,v 1.77 2018/09/21 07:22:26 maxv Exp $
 .\"
 .\" Copyright (c) 2009-2017 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd September 19, 2018
+.Dd September 21, 2018
 .Dt NPF.CONF 5
 .Os
 .Sh NAME
@@ -425,7 +425,8 @@
 syntax         = var-def | set-param | alg | table-def |
                  map | group | proc | comment
 
-# Variable definition.  Names can be alpha-numeric, including "_" character.
+# Variable definition.  Names can be alpha-numeric, including "_"
+# character.
 
 var-name       = "$" . string
 interface      = interface-name | var-name
@@ -439,7 +440,8 @@
 alg            = "alg" alg-name
 alg-name       = "icmp"
 
-# Table definition.  Table ID shall be numeric.  Path is in the double quotes.
+# Table definition.  Table ID shall be numeric.  Path is in the
+# double quotes.
 
 table-id       = <table-name>
 table-def      = "table" table-id "type" ( "hash" | "tree" | "cdb" )
@@ -492,7 +494,8 @@
                  "icmp-type" type [ "code" icmp-code ]
 proto          = "proto" protocol [ proto-opts ]
 
-filt-opts      = "from" filt-addr [ port-opts ] "to" filt-addr [ port-opts ]
+filt-opts      = "from" filt-addr [ port-opts ] "to" filt-addr
+                 [ port-opts ]
 filt-addr      = [ "!" ] [ interface | addr-mask | table-id | "any" ]
 
 port-opts      = "port" ( port-num | port-from "-" port-to | var-name )
@@ -537,11 +540,16 @@
        pass stateful out final all
 
        block in final from <blacklist>
-       pass stateful in final family inet4 proto tcp to $ext_if port ssh apply "log"
-       pass stateful in final proto tcp to $ext_if port $services_tcp
-       pass stateful in final proto udp to $ext_if port $services_udp
-       pass stateful in final proto tcp to $ext_if port 49151-65535  # passive FTP
-       pass stateful in final proto udp to $ext_if port 33434-33600  # traceroute
+       pass stateful in final family inet4 proto tcp to $ext_if \e
+               port ssh apply "log"
+       pass stateful in final proto tcp to $ext_if \e
+               port $services_tcp
+       pass stateful in final proto udp to $ext_if \e
+               port $services_udp
+       pass stateful in final proto tcp to $ext_if \e
+               port 49151-65535  # passive FTP
+       pass stateful in final proto udp to $ext_if \e
+               port 33434-33600  # traceroute
 }
 
 group "internal" on $int_if {



Home | Main Index | Thread Index | Old Index