Subject: CVS commit: src
To: None <source-changes@NetBSD.org>
From: David Young <dyoung@netbsd.org>
List: source-changes
Date: 05/10/2007 22:30:55
Module Name: src
Committed By: dyoung
Date: Thu May 10 22:30:55 UTC 2007
Modified Files:
src/dist/pf/sbin/pfctl: parse.y
src/sys/dist/pf/net: pf.c
Log Message:
pfctl: extend pf.conf(5) syntax. Let the operator supply an optional
"state lock" flag (if-bound, gr-bound, floating) at the end of a
NAT rule. The new syntax is backwards-compatbile with the old
syntax.
PF (kernel): change the macro BOUND_IFACE() to the inline function
bound_iface(), and add a new argument, the applicable NAT rule.
Use both the flags on the applicable filter rule and on the applicable
NAT rule to decide whether or not to bind a state to the interface
or the group where it is created.
To generate a diff of this commit:
cvs rdiff -r1.7 -r1.8 src/dist/pf/sbin/pfctl/parse.y
cvs rdiff -r1.37 -r1.38 src/sys/dist/pf/net/pf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.