[src/trunk]: src/sys/netinet Defopt the rest of the Ipfilter options and tuna...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/netinet Defopt the rest of the Ipfilter options and tuna...
From: bad <bad%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 19:23:53 +0000

details:   https://anonhg.NetBSD.org/src/rev/52a42e78ed1b
branches:  trunk
changeset: 757904:52a42e78ed1b
user:      bad <bad%NetBSD.org@localhost>
date:      Sat Oct 02 20:07:39 2010 +0000

description:
Defopt the rest of the Ipfilter options and tunables.
Per discussion with darrenr@ a year ago.

diffstat:

 sys/netinet/files.ipfilter |  23 +++++++++++++++++++----
 1 files changed, 19 insertions(+), 4 deletions(-)

diffs (43 lines):

diff -r d8843ebab675 -r 52a42e78ed1b sys/netinet/files.ipfilter
--- a/sys/netinet/files.ipfilter        Sat Oct 02 19:31:14 2010 +0000
+++ b/sys/netinet/files.ipfilter        Sat Oct 02 20:07:39 2010 +0000
@@ -1,10 +1,25 @@
-#      $NetBSD: files.ipfilter,v 1.11 2010/04/17 22:00:33 darrenr Exp $
+#      $NetBSD: files.ipfilter,v 1.12 2010/10/02 20:07:39 bad Exp $
 
 defflag        opt_ipfilter.h  IPFILTER_LOG            # logging of ip packets
 defflag        opt_ipfilter.h  IPFILTER_DEFAULT_BLOCK
-defflag        opt_ipfilter.h  IPFILTER_LOOKUP
+defflag        opt_ipfilter.h  IPFILTER_BPF            # BPF opcodes in rules
+defflag        opt_ipfilter.h  IPFILTER_CKSUM          # check layer 4 checksums
+defflag        opt_ipfilter.h  IPFILTER_COMPILED       # support for compiled IPF rules
+defflag        opt_ipfilter.h  IPFILTER_LOOKUP         # support for ippool(8)
+defflag        opt_ipfilter.h  IPFILTER_SCAN           # scanning of packet contents
+defflag        opt_ipfilter.h  IPFILTER_SYNC           # synchronisation of state 
 defflag        opt_ipfilter.h  IPFILTER_COMPAT         # IPFilter version compat.
 
+defparam opt_ipfilter.h        IPFILTER_LOGSIZE        # size of logging buffer
+defparam opt_ipfilter.h        IPSTATE_MAX     # maximum number of references to state table entry
+defparam opt_ipfilter.h        IPSTATE_SIZE    # size of state hash table
+defparam opt_ipfilter.h        NAT_TABLE_MAX   # maximum number of NAT state entries
+defparam opt_ipfilter.h        NAT_TABLE_SZ    # size of NAT state hash table
+defparam opt_ipfilter.h        NAT_SIZE        # size of nat rules hash table
+defparam opt_ipfilter.h        RDR_SIZE        # size of rdr rules hash table
+defparam opt_ipfilter.h        HOSTMAP_SIZE    # size of hostmap hash table
+
+
 defpseudo ipfilter: ifnet, bpf_filter          # XXX not really an ifnet
 
 file   dist/ipf/netinet/fil.c                  ipfilter
@@ -17,9 +32,9 @@
 file   dist/ipf/netinet/ip_nat.c               ipfilter
 file   dist/ipf/netinet/ip_pool.c              ipfilter
 file   dist/ipf/netinet/ip_proxy.c             ipfilter
-file   dist/ipf/netinet/ip_scan.c              ipfilter
+file   dist/ipf/netinet/ip_scan.c              ipfilter & ipfilter_scan
 file   dist/ipf/netinet/ip_state.c             ipfilter
-file   dist/ipf/netinet/ip_sync.c              ipfilter
+file   dist/ipf/netinet/ip_sync.c              ipfilter & ipfilter_sync
 file   dist/ipf/netinet/ip_fil_compat.c        ipfilter & ipfilter_compat
 
 makeoptions    ipfilter        CPPFLAGS+="-I$S/dist/ipf"

Prev by Date: [src/trunk]: src/external/bsd/cron/dist Use setenv(3) instead of putenv(3) be...
Next by Date: [src/trunk]: src/usr.bin/patch Print version string to stdout instead of stderr;
Previous by Thread: [src/trunk]: src/external/bsd/cron/dist Use setenv(3) instead of putenv(3) be...
Next by Thread: [src/trunk]: src/usr.bin/patch Print version string to stdout instead of stderr;
Indexes:

Home | Main Index | Thread Index | Old Index