NPF LOAD

To: tech-net%netbsd.org@localhost
Subject: NPF LOAD
From: Emmanuel Nyarko <emmankoko519%gmail.com@localhost>
Date: Fri, 11 Oct 2024 15:18:09 +0000

https://github.com/NetBSD/src/blob/trunk/usr.sbin/npf/npfctl/npfctl.c#L506

		ret = npfctl_load(fd);  
		fun = "npfctl_config_load”;  // looks like there’s a typo here
There’s no npfctl_config_load function in netbsd and npfctl_load isn’t doing what I’m expecting.



An issue to be fixed.

Have some configurations in /etc/npf.conf

# npfctl start
# npfctl show
    Output:
	filtering : active
	config.  : empty
# npfctl load //loading the configuration
# npfctl show
    output:
	filtering : active
	config  : empty // why is config empty here ??? 

#npfctl reload
#npfctl show
	filtering : active
	config.  : loaded
/************
Configurations listed below 
************/

I don’t know if it is a design philosophy but I think "npfctl load" should load the config too and not only reload doing that.

On the Manual

 load 
 Load the saved configuration file and the connections from the
file. Note that any existing connections will be destroyed.
Administrator may want to start packet inspection after the
load.

After doing 
# npfctl load
Then…
#npfctl start
# npfctl show
// same story with configuration file empty.


Emmanuel

Follow-Ups:
- Re: NPF LOAD
  - From: Martin Husemann

Prev by Date: Re: NetBSD packet filter
Next by Date: Re: NetBSD packet filter
Previous by Thread: flow monitoring recommendations
Next by Thread: Re: NPF LOAD
Indexes:

Home | Main Index | Thread Index | Old Index