| History log of /src/sys/net/npf/npf_os.c |
| Revision | | Date | Author | Comments |
| 1.23 |
| 01-Jul-2025 |
joe | kernel code for layer 2 filtering in NPF
reviewed by christos@
|
| 1.22 |
| 20-Mar-2025 |
pgoyette | Disable autounload for the npf module, until we can figure out why
it's causing panic during system startup.
|
| 1.21 |
| 27-Jan-2021 |
christos | branches: 1.21.24;
Don't silently ignore the errors from npfctl_run_op. We end up returning
packets to userland that are missing required fields (like in rule_add the
id of the rule) and npfctl aborts.
|
| 1.20 |
| 25-Jan-2021 |
christos | Fix locking issue: npf_default_pass needs to be called with the config lock
held.
|
| 1.19 |
| 18-Aug-2020 |
maxv | branches: 1.19.2;
Add missing cases, to prevent memory corruption.
Reported-by: syzbot+f8b8a689a3560dda27f7@syzkaller.appspotmail.com
|
| 1.18 |
| 30-May-2020 |
rmind | Major NPF improvements (merge from upstream):
- Switch to the C11-style atomic primitives using atomic_loadstore(9).
- npfkern: introduce the 'state.key.interface' and 'state.key.direction'
settings. Users can now choose whether the connection state should be
strictly per-interface or global at the configuration level. Keep NAT
logic to be always per-interface, though.
- npfkern: rewrite the G/C worker logic and make it self-tuning.
- npfkern and libnpf: multiple bug fixes; add param exporting; introduce
more parameters. Remove npf_nvlist_{copyin,copyout}() functions and
refactor npfctl_load_nvlist() with others; add npfctl_run_op() to have
a single entry point for operations. Introduce npf_flow_t and clean up
some code.
- npfctl: lots of fixes for the 'npfctl show' logic; make 'npfctl list'
more informative; misc usability improvements and more user-friendly
error messages.
- Amend and improve the manual pages.
|
| 1.17 |
| 25-Aug-2019 |
rmind | ake npfctl_switch() and pfil private to OS-specific module.
|
| 1.16 |
| 25-Aug-2019 |
rmind | - npfctl_load_nvlist: simplify the config loading logic.
- Fix a small race condition in npf_nat_getaddr().
- Rework pserialize/EBR wrappers, make it easier to maintain.
|
| 1.15 |
| 21-Aug-2019 |
rmind | npfkern/libnpf: Add support for the table replace/swap operation.
Contributed by Timshel Knoll-Miller.
|
| 1.14 |
| 11-Aug-2019 |
rmind | Adjust some internal NPF APIs:
* npfkern: use the npfk_ prefix.
* NPF portmap: amend the API so it could be used elsewhere.
* Make npf_connkey_t public.
|
| 1.13 |
| 10-Aug-2019 |
rmind | Add the ifnet_t::if_npf_private field. Bump the kernel version.
Fixes PR/54098.
|
| 1.12 |
| 23-Jul-2019 |
rmind | branches: 1.12.2;
NPF improvements:
- Add support for dynamic NETMAP algorithm (stateful net-to-net).
- Add most of the support for the dynamic NAT rules; a little bit more
userland work is needed to finish this up and enable.
- Replace 'stateful-ends' with more permissive 'stateful-all'.
- Add various tunable parameters and document them, see npf-params(7).
- Reduce the memory usage of the connection state table (conndb).
- Portmap rewrite: use memory more efficiently, handle addresses dynamically.
- Bug fix: add splsoftnet()/splx() around the thmap writers and comment.
- npftest: clean up and simplify; fix some memleaks to make ASAN happy.
|
| 1.11 |
| 27-Feb-2019 |
mrg | work around a GCC 7 vs sparc (32 bit) issue i haven't figured out
the real cause of yet.
mark npf_init() as non-static. for a yet-unknown reason, when this
function is inlined by the compiler (or a human!) into the single
caller, some CPUs end up in a hung state that can't be interrupted
eventually leading to system hang. eg:
[ 8.9693040] root on hme0
[ 8.9862690] nfs_boot: trying DHCP/BOOTP
xcall(cpu2,0xf0240ac8) from 0xf0241170: couldn't ping cpus: cpu1
is the symptom though sometimes nfs_boot is actually able to
complete mountroot before it hangs.
this may be a compiler bug but the symptom and the trigger are
far removed and my so-far reading of the "broken" npf_init
inlining has shown no issues, however, i haven't completed a
full scan of this asm in the past month so i'm commiting this
workaround for now.
|
| 1.10 |
| 29-Sep-2018 |
rmind | NPF: Major rework -- migrate NPF to the libnv library.
- This conversion significantly simplifies the code and moves NPF to
a binary serialisation format (replacing the XML-like format).
- Fix some memory/reference leaks and possibly use-after-free bugs.
- Bump NPF_VERSION as this change makes libnpf incompatible with the
previous versions. Also, different serialisation format means NPF
connection/config saving and loading is not compatible with the
previous versions either.
Thanks to christos@ for extra testing.
|
| 1.9 |
| 11-Dec-2017 |
ozaki-r | branches: 1.9.2; 1.9.4;
Rename IFNET_LOCK to IFNET_GLOBAL_LOCK
IFNET_LOCK will be used in another lock, if_ioctl_lock (might be renamed then).
|
| 1.8 |
| 17-Nov-2017 |
ozaki-r | branches: 1.8.2;
Provide macros for softnet_lock and KERNEL_LOCK hiding NET_MPSAFE switch
It reduces C&P codes such as "#ifndef NET_MPSAFE KERNEL_LOCK(1, NULL); ..."
scattered all over the source code and makes it easy to identify remaining
KERNEL_LOCK and/or softnet_lock that are held even if NET_MPSAFE.
No functional change
|
| 1.7 |
| 20-Jul-2017 |
pgoyette | The nof module depends on some stuff from the bpf module, so set the
required modules list accordingly.
|
| 1.6 |
| 27-Jan-2017 |
ryo | branches: 1.6.2; 1.6.6; 1.6.8;
Don't hold softnet_lock if NET_MPSAFE.
Some functions lock softnet_lock while waiting in pserialize_perform() in pfil_add_hook().
(e.g. key_timehandler(), etc)
|
| 1.5 |
| 03-Jan-2017 |
rmind | branches: 1.5.2; 1.5.4;
NPF: fix the interface table initialisation on load.
|
| 1.4 |
| 02-Jan-2017 |
christos | make this compile as a module.
|
| 1.3 |
| 02-Jan-2017 |
rmind | NPF: implement dynamic handling of interface addresses (the kernel part).
|
| 1.2 |
| 26-Dec-2016 |
rmind | Convert NPF to the latest pfil(9) changes.
|
| 1.1 |
| 26-Dec-2016 |
christos | Sync NPF with the version on github: backport standalone NPF changes,
which allow us to create and run separate NPF instances. Minor fixes.
(from rmind@)
|
| 1.5.4.1 |
| 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.5.2.3 |
| 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.5.2.2 |
| 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.5.2.1 |
| 03-Jan-2017 |
pgoyette | file npf_os.c was added on branch pgoyette-localcount on 2017-01-07 08:56:50 +0000
|
| 1.6.8.2 |
| 02-Jan-2018 |
snj | Pull up following revision(s) (requested by ozaki-r in ticket #456):
sys/arch/arm/sunxi/sunxi_emac.c: 1.9
sys/dev/ic/dwc_gmac.c: 1.43-1.44
sys/dev/pci/if_iwm.c: 1.75
sys/dev/pci/if_wm.c: 1.543
sys/dev/pci/ixgbe/ixgbe.c: 1.112
sys/dev/pci/ixgbe/ixv.c: 1.74
sys/kern/sys_socket.c: 1.75
sys/net/agr/if_agr.c: 1.43
sys/net/bpf.c: 1.219
sys/net/if.c: 1.397, 1.399, 1.401-1.403, 1.406-1.410, 1.412-1.416
sys/net/if.h: 1.242-1.247, 1.250, 1.252-1.257
sys/net/if_bridge.c: 1.140 via patch, 1.142-1.146
sys/net/if_etherip.c: 1.40
sys/net/if_ethersubr.c: 1.243, 1.246
sys/net/if_faith.c: 1.57
sys/net/if_gif.c: 1.132
sys/net/if_l2tp.c: 1.15, 1.17
sys/net/if_loop.c: 1.98-1.101
sys/net/if_media.c: 1.35
sys/net/if_pppoe.c: 1.131-1.132
sys/net/if_spppsubr.c: 1.176-1.177
sys/net/if_tun.c: 1.142
sys/net/if_vlan.c: 1.107, 1.109, 1.114-1.121
sys/net/npf/npf_ifaddr.c: 1.3
sys/net/npf/npf_os.c: 1.8-1.9
sys/net/rtsock.c: 1.230
sys/netcan/if_canloop.c: 1.3-1.5
sys/netinet/if_arp.c: 1.255
sys/netinet/igmp.c: 1.65
sys/netinet/in.c: 1.210-1.211
sys/netinet/in_pcb.c: 1.180
sys/netinet/ip_carp.c: 1.92, 1.94
sys/netinet/ip_flow.c: 1.81
sys/netinet/ip_input.c: 1.362
sys/netinet/ip_mroute.c: 1.147
sys/netinet/ip_output.c: 1.283, 1.285, 1.287
sys/netinet6/frag6.c: 1.61
sys/netinet6/in6.c: 1.251, 1.255
sys/netinet6/in6_pcb.c: 1.162
sys/netinet6/ip6_flow.c: 1.35
sys/netinet6/ip6_input.c: 1.183
sys/netinet6/ip6_output.c: 1.196
sys/netinet6/mld6.c: 1.90
sys/netinet6/nd6.c: 1.239-1.240
sys/netinet6/nd6_nbr.c: 1.139
sys/netinet6/nd6_rtr.c: 1.136
sys/netipsec/ipsec_output.c: 1.65
sys/rump/net/lib/libnetinet/netinet_component.c: 1.9-1.10
kmem_intr_free kmem_intr_[z]alloced memory
the underlying pools are the same but api-wise those should match
Unify IFEF_*_MPSAFE into IFEF_MPSAFE
There are already two flags for if_output and if_start, however, it seems such
MPSAFE flags are eventually needed for all if_XXX operations. Having discrete
flags for each operation is wasteful of if_extflags bits. So let's unify
the flags into one: IFEF_MPSAFE.
Fortunately IFEF_*_MPSAFE flags have never been included in any releases, so
we can change them without breaking backward compatibility of the releases
(though the kernel version of -current should be bumped).
Note that if an interface have both MP-safe and non-MP-safe operations at a
time, we have to set the IFEF_MPSAFE flag and let callees of non-MP-safe
opeartions take the kernel lock.
Proposed on tech-kern@ and tech-net@
Provide macros for softnet_lock and KERNEL_LOCK hiding NET_MPSAFE switch
It reduces C&P codes such as "#ifndef NET_MPSAFE KERNEL_LOCK(1, NULL); ..."
scattered all over the source code and makes it easy to identify remaining
KERNEL_LOCK and/or softnet_lock that are held even if NET_MPSAFE.
No functional change
Hold KERNEL_LOCK on if_ioctl selectively based on IFEF_MPSAFE
If IFEF_MPSAFE is set, hold the lock and otherwise don't hold.
This change requires additions of KERNEL_LOCK to subsequence functions from
if_ioctl such as ifmedia_ioctl and ifioctl_common to protect non-MP-safe
components.
Proposed on tech-kern@ and tech-net@
Ensure to hold if_ioctl_lock when calling if_flags_set
Fix locking against myself on ifpromisc
vlan_unconfig_locked could be called with holding if_ioctl_lock.
Ensure to not turn on IFF_RUNNING of an interface until its initialization completes
And ensure to turn off it before destruction as per IFF_RUNNING's description
"resource allocated". (The description is a bit doubtful though, I believe the
change is still proper.)
Ensure to hold if_ioctl_lock on if_up and if_down
One exception for if_down is if_detach; in the case the lock isn't needed
because it's guaranteed that no other one can access ifp at that point.
Make if_link_queue MP-safe if IFEF_MPSAFE
if_link_queue is a queue to store events of link state changes, which is
used to pass events from (typically) an interrupt handler to
if_link_state_change softint. The queue was protected by KERNEL_LOCK so far,
but if IFEF_MPSAFE is enabled, it becomes unsafe because (perhaps) an interrupt
handler of an interface with IFEF_MPSAFE doesn't take KERNEL_LOCK. Protect it
by a spin mutex.
Additionally with this change KERNEL_LOCK of if_link_state_change softint is
omitted if NET_MPSAFE is enabled.
Note that the spin mutex is now ifp->if_snd.ifq_lock as well as the case of
if_timer (see the comment).
Use IFADDR_WRITER_FOREACH instead of IFADDR_READER_FOREACH
At that point no other one modifies the list so IFADDR_READER_FOREACH
is unnecessary. Use of IFADDR_READER_FOREACH is harmless in general though,
if we try to detect contract violations of pserialize, using it violates
the contract. So avoid using it makes life easy.
Ensure to call if_addr_init with holding if_ioctl_lock
Get rid of outdated comments
Fix build of kernels without ether
By throwing out if_enable_vlan_mtu and if_disable_vlan_mtu that
created a unnecessary dependency from if.c to if_ethersubr.c.
PR kern/52790
Rename IFNET_LOCK to IFNET_GLOBAL_LOCK
IFNET_LOCK will be used in another lock, if_ioctl_lock (might be renamed then).
Wrap if_ioctl_lock with IFNET_* macros (NFC)
Also if_ioctl_lock perhaps needs to be renamed to something because it's now
not just for ioctl...
Reorder some destruction routines in if_detach
- Destroy if_ioctl_lock at the end of the if_detach because it's used in various
destruction routines
- Move psref_target_destroy after pr_purgeif because we want to use psref in
pr_purgeif (otherwise destruction procedures can be tricky)
Ensure to call if_mcast_op with holding IFNET_LOCK
Note that CARP doesn't deal with IFNET_LOCK yet.
Remove IFNET_GLOBAL_LOCK where it's unnecessary because IFNET_LOCK is held
Describe which lock is used to protect each member variable of struct ifnet
Requested by skrll@
Write a guideline for converting an interface to IFEF_MPSAFE
Requested by skrll@
Note that IFNET_LOCK must not be held in softint
Don't set IFEF_MPSAFE unless NET_MPSAFE at this point
Because recent investigations show that interfaces with IFEF_MPSAFE need to
follow additional restrictions to work with the flag safely. We should enable it
on an interface by default only if the interface surely satisfies the
restrictions, which are described in if.h.
Note that enabling IFEF_MPSAFE solely gains a few benefit on performance because
the network stack is still serialized by the big kernel locks by default.
|
| 1.6.8.1 |
| 25-Jul-2017 |
snj | Pull up following revision(s) (requested by pgoyette in ticket #155):
sys/net/npf/npf_os.c: revision 1.7
The npf module depends on some stuff from the bpf module, so set the
required modules list accordingly.
|
| 1.6.6.2 |
| 29-Apr-2017 |
pgoyette | Remove explicit inclusion of <sys/localcount.h> since there is no
explicit usage of localcounts here. <sys/conf.h> will take care of
including as needed.
|
| 1.6.6.1 |
| 28-Apr-2017 |
pgoyette | The npf device may be loaded as a (rump) module, so make sure we have a
localcount in its devsw
|
| 1.6.2.3 |
| 28-Aug-2017 |
skrll | Sync with HEAD
|
| 1.6.2.2 |
| 05-Feb-2017 |
skrll | Sync with HEAD
|
| 1.6.2.1 |
| 27-Jan-2017 |
skrll | file npf_os.c was added on branch nick-nhusb on 2017-02-05 13:40:58 +0000
|
| 1.8.2.2 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
| 1.8.2.1 |
| 17-Nov-2017 |
jdolecek | file npf_os.c was added on branch tls-maxphys on 2017-12-03 11:39:03 +0000
|
| 1.9.4.2 |
| 13-Apr-2020 |
martin | Mostly merge changes from HEAD upto 20200411
|
| 1.9.4.1 |
| 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.9.2.1 |
| 30-Sep-2018 |
pgoyette | Ssync with HEAD
|
| 1.12.2.4 |
| 20-Jun-2020 |
martin | Pull up following revision(s) (requested by rmind in ticket #956):
usr.sbin/npf/npf-params.7: revision 1.4
sys/net/npf/npf_worker.c: revision 1.9
usr.sbin/npf/npftest/npftest.h: revision 1.17
usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.16
usr.sbin/npf/npf-params.7: revision 1.5
sys/net/npf/npf_state_tcp.c: revision 1.21
usr.sbin/npf/npfctl/npf_build.c: revision 1.55
usr.sbin/npf/npf-params.7: revision 1.6
sys/net/npf/npfkern.h: revision 1.5
lib/libnpf/npf.c: revision 1.49
usr.sbin/npf/npf-params.7: revision 1.7
sys/net/npf/npf_impl.h: revision 1.81
sys/net/npf/npf_ext_log.c: revision 1.17
usr.sbin/npf/npfctl/npfctl.h: revision 1.53
usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c: revision 1.11
sys/net/npf/npf_nat.c: revision 1.50
sys/net/npf/npf_mbuf.c: revision 1.24
sys/net/npf/npf_alg.c: revision 1.22
usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.14
usr.sbin/npf/npftest/libnpftest/npf_conn_test.c: file removal
usr.sbin/npf/npftest/libnpftest/npf_state_test.c: revision 1.10
sys/net/npf/npf.h: revision 1.63
usr.sbin/npf/npftest/libnpftest/npf_test.h: revision 1.21
usr.sbin/npf/npfctl/npf_var.c: revision 1.13
sys/net/npf/files.npf: revision 1.23
usr.sbin/npf/npfctl/npf_show.c: revision 1.32
usr.sbin/npf/npfctl/npf.conf.5: revision 1.91
sys/net/npf/npf_os.c: revision 1.18
sys/net/npf/npf_connkey.c: revision 1.2
sys/net/npf/npf_conf.c: revision 1.17
lib/libnpf/libnpf.3: revision 1.12
usr.sbin/npf/npftest/npftest.c: revision 1.25
usr.sbin/npf/npftest/libnpftest/npf_gc_test.c: revision 1.1
usr.sbin/npf/npfctl/npf_parse.y: revision 1.51
sys/net/npf/npf_tableset.c: revision 1.35
usr.sbin/npf/npftest/npftest.conf: revision 1.9
sys/net/npf/npf_sendpkt.c: revision 1.22
usr.sbin/npf/npfctl/npf_var.h: revision 1.10
sys/net/npf/npf_state.c: revision 1.23
sys/net/npf/npf_conn.h: revision 1.20
usr.sbin/npf/npfctl/npfctl.c: revision 1.64
usr.sbin/npf/npfctl/npf_cmd.c: revision 1.1
sys/net/npf/npf_portmap.c: revision 1.5
sys/net/npf/npf_params.c: revision 1.3
usr.sbin/npf/npfctl/npf_scan.l: revision 1.32
tests/net/npf/t_npf.sh: revision 1.4
sys/net/npf/npf_ext_rndblock.c: revision 1.9
lib/libnpf/npf.h: revision 1.39
sys/net/npf/npf_ruleset.c: revision 1.51
sys/net/npf/npf_alg_icmp.c: revision 1.33
sys/net/npf/npf.c: revision 1.43
usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.17
usr.sbin/npf/npfctl/npfctl.8: revision 1.25
sys/net/npf/npf_ctl.c: revision 1.60
usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.18
usr.sbin/npf/npftest/libnpftest/Makefile: revision 1.11
sys/net/npf/npf_handler.c: revision 1.49
sys/net/npf/npf_inet.c: revision 1.57
sys/net/npf/npf_ifaddr.c: revision 1.7
sys/net/npf/npf_conndb.c: revision 1.9
sys/net/npf/npf_if.c: revision 1.13
usr.sbin/npf/npfctl/Makefile: revision 1.15
sys/net/npf/npf_conn.c: revision 1.32
sys/net/npf/npf_ext_normalize.c: revision 1.10
sys/net/npf/npf_rproc.c: revision 1.20
sys/net/npf/npf_worker.c: revision 1.8
Major NPF improvements (merge from upstream):
- Switch to the C11-style atomic primitives using atomic_loadstore(9).
- npfkern: introduce the 'state.key.interface' and 'state.key.direction'
settings. Users can now choose whether the connection state should be
strictly per-interface or global at the configuration level. Keep NAT
logic to be always per-interface, though.
- npfkern: rewrite the G/C worker logic and make it self-tuning.
- npfkern and libnpf: multiple bug fixes; add param exporting; introduce
more parameters. Remove npf_nvlist_{copyin,copyout}() functions and
refactor npfctl_load_nvlist() with others; add npfctl_run_op() to have
a single entry point for operations. Introduce npf_flow_t and clean up
some code.
- npfctl: lots of fixes for the 'npfctl show' logic; make 'npfctl list'
more informative; misc usability improvements and more user-friendly
error messages.
- Amend and improve the manual pages.
npf_worker_sys{init,fini}: initialize/destroy the exit_cv condvar.
npftest -- npf_test_init(): add a workaround for NetBSD.
npf-params(7): fix the state.key defaults.
npf-params.7: s/filer/filter/
Adjust to "npfctl debug" command line changes, from rmind@.
Use more markup.
|
| 1.12.2.3 |
| 01-Sep-2019 |
martin | Pull up following revision(s) (requested by rmind in ticket #141):
usr.sbin/npf/npfctl/npf_bpf_comp.c: revision 1.15
sys/net/npf/npf_alg.c: revision 1.21
sys/net/npf/npf.h: revision 1.62
sys/net/npf/npf_ctl.c: revision 1.57
sys/net/npf/npf_ctl.c: revision 1.58
sys/net/npf/npf_os.c: revision 1.16
sys/net/npf/npf_os.c: revision 1.17
sys/net/npf/npf_conf.c: revision 1.15
sys/net/npf/npf_impl.h: revision 1.78
sys/sys/mbuf.h: revision 1.220
sys/net/npf/npf_impl.h: revision 1.79
sys/net/npf/npf.c: revision 1.41
usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.19
sys/net/npf/npf_nat.c: revision 1.48
sys/net/npf/npf_handler.c: revision 1.48
sys/net/npf/npf_ifaddr.c: revision 1.6
- npfctl_load_nvlist: simplify the config loading logic.
- Fix a small race condition in npf_nat_getaddr().
- Rework pserialize/EBR wrappers, make it easier to maintain.
Move PACKET_TAG_NPF where it belongs to.
Make npfctl_switch() and pfil private to OS-specific module.
|
| 1.12.2.2 |
| 01-Sep-2019 |
martin | Pull up following revision(s) (requested by rmind in ticket #139):
lib/libnpf/npf.c: revision 1.47
usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c: revision 1.10
usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c: revision 1.10
sys/net/npf/npf.h: revision 1.61
sys/net/npf/npf_ctl.c: revision 1.56
sys/net/npf/npf_os.c: revision 1.15
lib/libnpf/libnpf.3: revision 1.10
sys/net/npf/npf_tableset.c: revision 1.34
usr.sbin/npf/npfctl/npfctl.c: revision 1.61
sys/net/npf/npf_impl.h: revision 1.77
lib/libnpf/npf.h: revision 1.37
- npftest: fix a memleak in a unit test (standalone path only).
- Minor style fixes. No functional change.
npfkern/libnpf: Add support for the table replace/swap operation.
Contributed by Timshel Knoll-Miller.
|
| 1.12.2.1 |
| 13-Aug-2019 |
martin | Pull up following revision(s) (requested by rmind in ticket #49):
usr.sbin/npf/npf.7: revision 1.7
sys/net/npf/npfkern.h: revision 1.4
sys/net/npf/npf_conn.h: revision 1.18
usr.sbin/npf/npftest/libnpftest/npf_nat_test.c: revision 1.13
sys/net/npf/npf_ctl.c: revision 1.55
sys/net/npf/npf_os.c: revision 1.14
sys/net/npf/npf_conf.c: revision 1.14
usr.sbin/npf/npftest/libnpftest/npf_conn_test.c: revision 1.3
usr.sbin/npf/npftest/libnpftest/npf_perf_test.c: revision 1.9
sys/net/npf/npf_impl.h: revision 1.76
sys/net/npf/npf_portmap.c: revision 1.4
sys/net/npf/npf_params.c: revision 1.2
sys/net/npf/npf.c: revision 1.40
usr.sbin/npf/npftest/libnpftest/npf_test_subr.c: revision 1.16
usr.sbin/npf/npftest/libnpftest/npf_rule_test.c: revision 1.18
sys/net/npf/npf_nat.c: revision 1.47
sys/net/npf/npf_handler.c: revision 1.47
sys/net/npf/npf_inet.c: revision 1.55
sys/net/npf/npf_if.c: revision 1.10
sys/net/npf/npf_worker.c: revision 1.7
usr.sbin/npf/npf-params.7: revision 1.3
npf-params(7): add more bpf.jit details.
From David H. Gutteridge.
Adjust some internal NPF APIs:
* npfkern: use the npfk_ prefix.
* NPF portmap: amend the API so it could be used elsewhere.
* Make npf_connkey_t public.
npf.7: add xref to npf-params.7
(Adding directly here since this particular file isn't included in
rmind@'s upstream GitHub repo at present.)
|
| 1.19.2.1 |
| 03-Apr-2021 |
thorpej | Sync with HEAD.
|
| 1.21.24.1 |
| 02-Aug-2025 |
perseant | Sync with HEAD
|
