Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/arch Unreference IPF/PF from the x86 config files (amd64...
details: https://anonhg.NetBSD.org/src/rev/1e02095de138
branches: trunk
changeset: 834204:1e02095de138
user: maxv <maxv%NetBSD.org@localhost>
date: Wed Aug 01 16:59:09 2018 +0000
description:
Unreference IPF/PF from the x86 config files (amd64, i386, xen), and enable
NPF instead when wanted.
diffstat:
sys/arch/amd64/conf/GENERIC | 14 +++-----------
sys/arch/amd64/conf/XEN3_DOM0 | 13 +++----------
sys/arch/amd64/conf/XEN3_DOMU | 14 +++-----------
sys/arch/i386/conf/GENERIC | 14 +++-----------
sys/arch/i386/conf/GENERIC_PS2TINY | 5 +----
sys/arch/i386/conf/GENERIC_TINY | 8 ++------
sys/arch/i386/conf/INSTALL_FLOPPY | 3 +--
sys/arch/i386/conf/INSTALL_TINY | 3 +--
sys/arch/i386/conf/NET4501 | 8 +++-----
sys/arch/i386/conf/XEN3PAE_DOM0 | 11 ++---------
sys/arch/i386/conf/XEN3PAE_DOMU | 12 ++----------
11 files changed, 24 insertions(+), 81 deletions(-)
diffs (truncated from 392 to 300 lines):
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/amd64/conf/GENERIC
--- a/sys/arch/amd64/conf/GENERIC Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/amd64/conf/GENERIC Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.497 2018/07/31 16:44:29 khorben Exp $
+# $NetBSD: GENERIC,v 1.498 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,7 +22,7 @@
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.497 $"
+#ident "GENERIC-$Revision: 1.498 $"
maxusers 64 # estimated number of users
@@ -201,10 +201,6 @@
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options TCP_SIGNATURE # Enable RFC-2385 TCP md5 signatures
@@ -1286,7 +1282,6 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -1307,10 +1302,7 @@
pseudo-device agr # IEEE 802.3ad link aggregation
pseudo-device l2tp # L2TPv3 interface
#pseudo-device etherip # Tunnel Ethernet over IP
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
#pseudo-device canloop # CAN loopback interface
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/amd64/conf/XEN3_DOM0
--- a/sys/arch/amd64/conf/XEN3_DOM0 Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/amd64/conf/XEN3_DOM0 Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOM0,v 1.153 2018/06/23 14:14:42 jakllsch Exp $
+# $NetBSD: XEN3_DOM0,v 1.154 2018/08/01 16:59:09 maxv Exp $
include "arch/amd64/conf/std.xen"
@@ -10,7 +10,7 @@
#options UVMHIST_PRINT
#options SYSCALL_DEBUG
-#ident "XEN3_DOM0-$Revision: 1.153 $"
+#ident "XEN3_DOM0-$Revision: 1.154 $"
maxusers 32 # estimated number of users
@@ -131,9 +131,6 @@
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -861,7 +858,6 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
@@ -875,10 +871,7 @@
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
# miscellaneous pseudo-devices
pseudo-device pty # pseudo-terminals
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/amd64/conf/XEN3_DOMU
--- a/sys/arch/amd64/conf/XEN3_DOMU Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/amd64/conf/XEN3_DOMU Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOMU,v 1.85 2018/07/17 10:18:32 bouyer Exp $
+# $NetBSD: XEN3_DOMU,v 1.86 2018/08/01 16:59:09 maxv Exp $
include "arch/amd64/conf/std.xen"
@@ -10,7 +10,7 @@
#options UVMHIST_PRINT
#options SYSCALL_DEBUG
-#ident "XEN3_DOMU-$Revision: 1.85 $"
+#ident "XEN3_DOMU-$Revision: 1.86 $"
maxusers 32 # estimated number of users
@@ -123,10 +123,6 @@
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -207,7 +203,6 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -222,10 +217,7 @@
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
options PAX_MPROTECT=1 # PaX mprotect(2) restrictions
options PAX_ASLR=1 # PaX Address Space Layout Randomization
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/GENERIC
--- a/sys/arch/i386/conf/GENERIC Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/GENERIC Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.1184 2018/07/31 16:44:29 khorben Exp $
+# $NetBSD: GENERIC,v 1.1185 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,7 +22,7 @@
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.1184 $"
+#ident "GENERIC-$Revision: 1.1185 $"
maxusers 64 # estimated number of users
@@ -194,10 +194,6 @@
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -1653,7 +1649,6 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -1672,10 +1667,7 @@
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
pseudo-device agr # IEEE 802.3ad link aggregation
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
#pseudo-device etherip # Tunnel Ethernet over IP
# srt is EXPERIMENTAL
#pseudo-device srt # source-address-based routing
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/GENERIC_PS2TINY
--- a/sys/arch/i386/conf/GENERIC_PS2TINY Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/GENERIC_PS2TINY Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC_PS2TINY,v 1.79 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: GENERIC_PS2TINY,v 1.80 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC-style kernel config for IBM PS/2 with MCA bus. It only contains
# IBM PS/2 related stuff and has been generally trimmed down somewhat,
@@ -105,9 +105,6 @@
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
-#options IPFILTER_LOOKUP # ippool(8) support
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/GENERIC_TINY
--- a/sys/arch/i386/conf/GENERIC_TINY Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/GENERIC_TINY Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC_TINY,v 1.157 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: GENERIC_TINY,v 1.158 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC_TINY -- suitable default for 4M machines
# No EISA, PCI, or SCSI.
@@ -98,10 +98,6 @@
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
-#options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -523,7 +519,7 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
pseudo-device bridge # simple inter-network bridging
-pseudo-device ipfilter # IP filter (firewall) and NAT
+pseudo-device npf # NPF packet filter
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/INSTALL_FLOPPY
--- a/sys/arch/i386/conf/INSTALL_FLOPPY Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/INSTALL_FLOPPY Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: INSTALL_FLOPPY,v 1.43 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: INSTALL_FLOPPY,v 1.44 2018/08/01 16:59:09 maxv Exp $
#
# INSTALL - Installation kernel.
#
@@ -743,7 +743,6 @@
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-#pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device ppp # Point-to-Point Protocol
pseudo-device sl # Serial Line IP
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/INSTALL_TINY
--- a/sys/arch/i386/conf/INSTALL_TINY Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/INSTALL_TINY Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: INSTALL_TINY,v 1.156 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: INSTALL_TINY,v 1.157 2018/08/01 16:59:10 maxv Exp $
#
# This kernel should be derived from INSTALL (which is derived
# from GENERIC) with some features commented out.
@@ -485,7 +485,6 @@
# network pseudo-devices
#pseudo-device bpfilter # Berkeley packet filter
-#pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device ppp # Point-to-Point Protocol
#pseudo-device sl # Serial Line IP
diff -r 2f69cf8a0d67 -r 1e02095de138 sys/arch/i386/conf/NET4501
--- a/sys/arch/i386/conf/NET4501 Wed Aug 01 16:50:24 2018 +0000
+++ b/sys/arch/i386/conf/NET4501 Wed Aug 01 16:59:09 2018 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: NET4501,v 1.101 2018/07/13 09:37:32 maxv Exp $
+# $NetBSD: NET4501,v 1.102 2018/08/01 16:59:10 maxv Exp $
#
# NET4501 -- kernel configuration for a Soekris Engineering net4501
# single-board computer.
@@ -10,7 +10,7 @@
#options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "NET4501-$Revision: 1.101 $"
+#ident "NET4501-$Revision: 1.102 $"
maxusers 32 # estimated number of users
@@ -124,8 +124,6 @@
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
Home |
Main Index |
Thread Index |
Old Index