CVS commit: src/share/examples/npf
Module Name:src Committed By: tsutsui Date: Mon Jul 31 16:09:01 UTC 2023 Modified Files: src/share/examples/npf: host-npf.conf soho_gw-npf.conf Log Message: Use proper variables for interface names in examples. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/share/examples/npf/host-npf.conf cvs rdiff -u -r1.20 -r1.21 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src Committed By: tsutsui Date: Mon Jul 31 16:09:01 UTC 2023 Modified Files: src/share/examples/npf: host-npf.conf soho_gw-npf.conf Log Message: Use proper variables for interface names in examples. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/share/examples/npf/host-npf.conf cvs rdiff -u -r1.20 -r1.21 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/examples/npf/host-npf.conf diff -u src/share/examples/npf/host-npf.conf:1.11 src/share/examples/npf/host-npf.conf:1.12 --- src/share/examples/npf/host-npf.conf:1.11 Sat Sep 21 11:46:25 2019 +++ src/share/examples/npf/host-npf.conf Mon Jul 31 16:09:01 2023 @@ -1,4 +1,4 @@ -# $NetBSD: host-npf.conf,v 1.11 2019/09/21 11:46:25 sevan Exp $ +# $NetBSD: host-npf.conf,v 1.12 2023/07/31 16:09:01 tsutsui Exp $ # # Simple ruleset for a host with (i.e., not routing) two interfaces, # ethernet and wifi. @@ -16,8 +16,8 @@ $wired_if = "wm0" $wifi_if = "iwn0" -$wired_addrs= ifaddrs(wm0) -$wifi_addrs = ifaddrs(iwn0) +$wired_addrs= ifaddrs($wired_if) +$wifi_addrs = ifaddrs($wifi_if) alg "icmp" Index: src/share/examples/npf/soho_gw-npf.conf diff -u src/share/examples/npf/soho_gw-npf.conf:1.20 src/share/examples/npf/soho_gw-npf.conf:1.21 --- src/share/examples/npf/soho_gw-npf.conf:1.20 Mon Nov 18 22:27:27 2019 +++ src/share/examples/npf/soho_gw-npf.conf Mon Jul 31 16:09:01 2023 @@ -1,4 +1,4 @@ -# $NetBSD: soho_gw-npf.conf,v 1.20 2019/11/18 22:27:27 sevan Exp $ +# $NetBSD: soho_gw-npf.conf,v 1.21 2023/07/31 16:09:01 tsutsui Exp $ # # SOHO border # @@ -7,8 +7,8 @@ # $ext_if = "wm0" -$ext_v4 = inet4(wm0) -$ext_addrs = ifaddrs(wm0) +$ext_v4 = inet4($ext_if) +$ext_addrs = ifaddrs($ext_if) $int_if = "wm1"
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Mon Nov 18 22:27:27 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
Rename the block table to something else to make it easier to differentiate
between action and name. Use this table as the example for populating by npfctl.
Drop the int-block table, it's quite cumbersome to have a firewall which
needs the internal network lists added if reboot. Use the localnet variable to
indicated which network we should pass in traffic from instead.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.20 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.19 src/share/examples/npf/soho_gw-npf.conf:1.20
--- src/share/examples/npf/soho_gw-npf.conf:1.19 Sun Sep 22 19:51:18 2019
+++ src/share/examples/npf/soho_gw-npf.conf Mon Nov 18 22:27:27 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.19 2019/09/22 19:51:18 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.20 2019/11/18 22:27:27 sevan Exp $
#
# SOHO border
#
@@ -12,10 +12,9 @@ $ext_addrs = ifaddrs(wm0)
$int_if = "wm1"
-# a table to house e.g. block candidates in
-table type ipset file "/usr/share/examples/npf/hashtablefile"
-# feed this using e.g.: npfctl table "int-block" add 198.51.100.16/29
-table type lpm
+# a "naughty" step^W table to house blocked candidates in
+# feed this using e.g.: npfctl table "naughty" add 203.0.113.99
+table type ipset
$services_tcp = { http, https, smtp, domain, 6000, 9022 }
$services_udp = { domain, ntp, 6000 }
@@ -39,8 +38,8 @@ group "external" on $ext_if {
# Allow all outbound traffic
pass stateful out all
- # Block inbound traffic from those on the block table
- block in from
+ # Block inbound traffic from those on the naughty table
+ block in from
# Placeholder for blacklistd (configuration separate) to add blocked hosts
ruleset "blacklistd"
@@ -61,7 +60,7 @@ group "external" on $ext_if {
group "internal" on $int_if {
# Allow inbound traffic from LAN
- pass in from
+ pass in from $localnet
# All outbound traffic to LAN
pass out all
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Mon Nov 18 22:27:27 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Rename the block table to something else to make it easier to differentiate between action and name. Use this table as the example for populating by npfctl. Drop the int-block table, it's quite cumbersome to have a firewall which needs the internal network lists added if reboot. Use the localnet variable to indicated which network we should pass in traffic from instead. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sun Sep 22 19:51:18 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Add support for blacklistd To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sun Sep 22 19:51:18 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
Add support for blacklistd
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.18 src/share/examples/npf/soho_gw-npf.conf:1.19
--- src/share/examples/npf/soho_gw-npf.conf:1.18 Sun Sep 22 19:30:15 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sun Sep 22 19:51:18 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.18 2019/09/22 19:30:15 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.19 2019/09/22 19:51:18 sevan Exp $
#
# SOHO border
#
@@ -42,6 +42,9 @@ group "external" on $ext_if {
# Block inbound traffic from those on the block table
block in from
+ # Placeholder for blacklistd (configuration separate) to add blocked hosts
+ ruleset "blacklistd"
+
# Allow inbound SSH and log all connection attempts
pass stateful in family inet4 proto tcp to $ext_v4 port ssh \
apply "log"
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sun Sep 22 19:30:16 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
Passive FTP works as a client without this and we're not hosting an FTP server
(port are not listed in services_tcp)
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.17 src/share/examples/npf/soho_gw-npf.conf:1.18
--- src/share/examples/npf/soho_gw-npf.conf:1.17 Sat Sep 21 23:55:01 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sun Sep 22 19:30:15 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.17 2019/09/21 23:55:01 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.18 2019/09/22 19:30:15 sevan Exp $
#
# SOHO border
#
@@ -52,9 +52,6 @@ group "external" on $ext_if {
# Allow inbound traffic for services hosted on UDP
pass stateful in proto udp to $ext_addrs port $services_udp
- # Passive FTP
- pass stateful in proto tcp to $ext_addrs port 49151-65535
-
# Allow being tracerouted
pass stateful in proto udp to $ext_addrs port 33434-33600
}
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sun Sep 22 19:30:16 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Passive FTP works as a client without this and we're not hosting an FTP server (port are not listed in services_tcp) To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 23:55:01 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: pastos To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 23:55:01 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
pastos
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.16 src/share/examples/npf/soho_gw-npf.conf:1.17
--- src/share/examples/npf/soho_gw-npf.conf:1.16 Sat Sep 21 21:10:56 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sat Sep 21 23:55:01 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.16 2019/09/21 21:10:56 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.17 2019/09/21 23:55:01 sevan Exp $
#
# SOHO border
#
@@ -42,14 +42,14 @@ group "external" on $ext_if {
# Block inbound traffic from those on the block table
block in from
- # Allow SSH on wired interface and log all connection attempts
+ # Allow inbound SSH and log all connection attempts
pass stateful in family inet4 proto tcp to $ext_v4 port ssh \
apply "log"
# Allow inbound traffic for services hosted on TCP
pass stateful in proto tcp to $ext_addrs port $services_tcp
- # Allow inbound traffic for services hosted on TCP
+ # Allow inbound traffic for services hosted on UDP
pass stateful in proto udp to $ext_addrs port $services_udp
# Passive FTP
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 21:10:56 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: improve description To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 21:10:56 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
improve description
To generate a diff of this commit:
cvs rdiff -u -r1.15 -r1.16 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.15 src/share/examples/npf/soho_gw-npf.conf:1.16
--- src/share/examples/npf/soho_gw-npf.conf:1.15 Sat Sep 21 20:41:52 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sat Sep 21 21:10:56 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.15 2019/09/21 20:41:52 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.16 2019/09/21 21:10:56 sevan Exp $
#
# SOHO border
#
@@ -54,7 +54,8 @@ group "external" on $ext_if {
# Passive FTP
pass stateful in proto tcp to $ext_addrs port 49151-65535
- # Traceroute
+
+ # Allow being tracerouted
pass stateful in proto udp to $ext_addrs port 33434-33600
}
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 20:41:52 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
Add descriptions for all rules and make use of localnet variable in place of
direct IP address
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.14 src/share/examples/npf/soho_gw-npf.conf:1.15
--- src/share/examples/npf/soho_gw-npf.conf:1.14 Sat Sep 21 20:35:52 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sat Sep 21 20:41:52 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.14 2019/09/21 20:35:52 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.15 2019/09/21 20:41:52 sevan Exp $
#
# SOHO border
#
@@ -24,23 +24,32 @@ $localnet = { 198.51.100.0/24 }
# NAT outgoing to the address of the external interface
# Note: if $ext_if has multiple IP addresses (e.g. IPv6 as well),
# then the translation address has to be specified explicitly.
-map $ext_if dynamic 198.51.100.0/24 -> $ext_v4
+map $ext_if dynamic $localnet -> $ext_v4
# NAT traffic arriving on port 9022 of the external interface address
# to host 198.51.100.2 port 22
map $ext_if dynamic 198.51.100.2 port 22 <- $ext_v4 port 9022
procedure "log" {
+ # Send log events to npflog0, see npfd(8)
log: npflog0
}
group "external" on $ext_if {
+ # Allow all outbound traffic
pass stateful out all
+ # Block inbound traffic from those on the block table
block in from
+
+ # Allow SSH on wired interface and log all connection attempts
pass stateful in family inet4 proto tcp to $ext_v4 port ssh \
apply "log"
+
+ # Allow inbound traffic for services hosted on TCP
pass stateful in proto tcp to $ext_addrs port $services_tcp
+
+ # Allow inbound traffic for services hosted on TCP
pass stateful in proto udp to $ext_addrs port $services_udp
# Passive FTP
@@ -50,11 +59,20 @@ group "external" on $ext_if {
}
group "internal" on $int_if {
+ # Allow inbound traffic from LAN
pass in from
+
+ # All outbound traffic to LAN
pass out all
}
group default {
+ # Default deny, otherwise last matching rule wins
+ block all apply "log"
+
+ # Don't block loopback
pass on lo0 all
- block all
+
+ # Allow incoming IPv4 pings
+ pass in family inet4 proto icmp icmp-type echo all
}
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 20:41:52 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Add descriptions for all rules and make use of localnet variable in place of direct IP address To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 20:35:52 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
default policy is to blockall
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.13 src/share/examples/npf/soho_gw-npf.conf:1.14
--- src/share/examples/npf/soho_gw-npf.conf:1.13 Sat Sep 21 20:31:31 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sat Sep 21 20:35:52 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.13 2019/09/21 20:31:31 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.14 2019/09/21 20:35:52 sevan Exp $
#
# SOHO border
#
@@ -50,7 +50,6 @@ group "external" on $ext_if {
}
group "internal" on $int_if {
- block in all
pass in from
pass out all
}
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 20:35:52 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: default policy is to blockall To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 20:31:31 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Drop the final keyword to use the default policy of last matching rule wins To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 20:31:31 UTC 2019
Modified Files:
src/share/examples/npf: soho_gw-npf.conf
Log Message:
Drop the final keyword to use the default policy of last matching rule wins
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 src/share/examples/npf/soho_gw-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/soho_gw-npf.conf
diff -u src/share/examples/npf/soho_gw-npf.conf:1.12 src/share/examples/npf/soho_gw-npf.conf:1.13
--- src/share/examples/npf/soho_gw-npf.conf:1.12 Thu Apr 11 10:17:21 2019
+++ src/share/examples/npf/soho_gw-npf.conf Sat Sep 21 20:31:31 2019
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.12 2019/04/11 10:17:21 sevan Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.13 2019/09/21 20:31:31 sevan Exp $
#
# SOHO border
#
@@ -35,27 +35,27 @@ procedure "log" {
}
group "external" on $ext_if {
- pass stateful out final all
+ pass stateful out all
- block in final from
- pass stateful in final family inet4 proto tcp to $ext_v4 port ssh \
+ block in from
+ pass stateful in family inet4 proto tcp to $ext_v4 port ssh \
apply "log"
- pass stateful in final proto tcp to $ext_addrs port $services_tcp
- pass stateful in final proto udp to $ext_addrs port $services_udp
+ pass stateful in proto tcp to $ext_addrs port $services_tcp
+ pass stateful in proto udp to $ext_addrs port $services_udp
# Passive FTP
- pass stateful in final proto tcp to $ext_addrs port 49151-65535
+ pass stateful in proto tcp to $ext_addrs port 49151-65535
# Traceroute
- pass stateful in final proto udp to $ext_addrs port 33434-33600
+ pass stateful in proto udp to $ext_addrs port 33434-33600
}
group "internal" on $int_if {
block in all
- pass in final from
- pass out final all
+ pass in from
+ pass out all
}
group default {
- pass final on lo0 all
+ pass on lo0 all
block all
}
CVS commit: src/share/examples/npf
Module Name:src
Committed By: sevan
Date: Sat Sep 21 11:46:25 UTC 2019
Modified Files:
src/share/examples/npf: host-npf.conf
Log Message:
With bin/54124 fixed, the rule needs to be explicitly set to stateful.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/share/examples/npf/host-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/host-npf.conf
diff -u src/share/examples/npf/host-npf.conf:1.10 src/share/examples/npf/host-npf.conf:1.11
--- src/share/examples/npf/host-npf.conf:1.10 Tue Apr 16 10:52:28 2019
+++ src/share/examples/npf/host-npf.conf Sat Sep 21 11:46:25 2019
@@ -1,4 +1,4 @@
-# $NetBSD: host-npf.conf,v 1.10 2019/04/16 10:52:28 sevan Exp $
+# $NetBSD: host-npf.conf,v 1.11 2019/09/21 11:46:25 sevan Exp $
#
# Simple ruleset for a host with (i.e., not routing) two interfaces,
# ethernet and wifi.
@@ -31,7 +31,7 @@ group "wired" on $wired_if {
ruleset "blacklistd"
# Allow SSH on wired interface and log all connection attempts
-pass in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
+pass stateful in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
}
group "wifi" on $wifi_if {
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Sat Sep 21 11:46:25 UTC 2019 Modified Files: src/share/examples/npf: host-npf.conf Log Message: With bin/54124 fixed, the rule needs to be explicitly set to stateful. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/share/examples/npf/host-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/share/examples/npf
On Mon, 20 Aug 2012, Paul Goyette wrote: Update sets list? Oh, wait, looks like it's not (yet) being installed (no Makefile was updated). On Mon, 20 Aug 2012, S.P.Zeidler wrote: Module Name:src Committed By: spz Date: Mon Aug 20 21:09:50 UTC 2012 Added Files: src/share/examples/npf: host-npf.conf Log Message: add an example for a npf.conf It probably could do with polishing of both rules and comments, but meh, better than nothing - | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | | Customer Service | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com| | Network Engineer | 0786 F758 55DE 53BA 7731 | pgoyette at juniper.net | | Kernel Developer | | pgoyette at netbsd.org | -
Re: CVS commit: src/share/examples/npf
Update sets list? On Mon, 20 Aug 2012, S.P.Zeidler wrote: Module Name:src Committed By: spz Date: Mon Aug 20 21:09:50 UTC 2012 Added Files: src/share/examples/npf: host-npf.conf Log Message: add an example for a npf.conf It probably could do with polishing of both rules and comments, but meh, better than nothing To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/share/examples/npf/host-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. !DSPAM:5032a7a6275436711015411! - | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | | Customer Service | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com| | Network Engineer | 0786 F758 55DE 53BA 7731 | pgoyette at juniper.net | | Kernel Developer | | pgoyette at netbsd.org | -
