Module Name: src Committed By: rmind Date: Tue Jul 23 00:52:02 UTC 2019
Modified Files: src/lib/libnpf: libnpf.3 npf.c npf.h src/sys/net/npf: files.npf npf.c npf.h npf_alg.c npf_alg_icmp.c npf_conf.c npf_conn.c npf_conn.h npf_conndb.c npf_ctl.c npf_handler.c npf_impl.h npf_inet.c npf_nat.c npf_os.c npf_rproc.c npf_ruleset.c npf_state.c npf_state_tcp.c npf_tableset.c npfkern.h src/sys/rump/net/lib/libnpf: Makefile src/usr.sbin/npf/npfctl: npf.conf.5 npf_bpf_comp.c npf_build.c npf_parse.y npf_scan.l npf_show.c npfctl.c npfctl.h src/usr.sbin/npf/npftest: npfstream.c npftest.c npftest.conf src/usr.sbin/npf/npftest/libnpftest: npf_bpf_test.c npf_conn_test.c npf_mbuf_subr.c npf_nat_test.c npf_nbuf_test.c npf_perf_test.c npf_rule_test.c npf_state_test.c npf_table_test.c npf_test.h npf_test_subr.c Added Files: src/sys/net/npf: npf_connkey.c npf_params.c npf_portmap.c src/usr.sbin/npf: npf-params.7 Log Message: NPF improvements: - Add support for dynamic NETMAP algorithm (stateful net-to-net). - Add most of the support for the dynamic NAT rules; a little bit more userland work is needed to finish this up and enable. - Replace 'stateful-ends' with more permissive 'stateful-all'. - Add various tunable parameters and document them, see npf-params(7). - Reduce the memory usage of the connection state table (conndb). - Portmap rewrite: use memory more efficiently, handle addresses dynamically. - Bug fix: add splsoftnet()/splx() around the thmap writers and comment. - npftest: clean up and simplify; fix some memleaks to make ASAN happy. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/lib/libnpf/libnpf.3 cvs rdiff -u -r1.45 -r1.46 src/lib/libnpf/npf.c cvs rdiff -u -r1.35 -r1.36 src/lib/libnpf/npf.h cvs rdiff -u -r1.21 -r1.22 src/sys/net/npf/files.npf \ src/sys/net/npf/npf_state.c cvs rdiff -u -r1.37 -r1.38 src/sys/net/npf/npf.c cvs rdiff -u -r1.59 -r1.60 src/sys/net/npf/npf.h cvs rdiff -u -r1.19 -r1.20 src/sys/net/npf/npf_alg.c \ src/sys/net/npf/npf_state_tcp.c cvs rdiff -u -r1.31 -r1.32 src/sys/net/npf/npf_alg_icmp.c cvs rdiff -u -r1.12 -r1.13 src/sys/net/npf/npf_conf.c cvs rdiff -u -r1.26 -r1.27 src/sys/net/npf/npf_conn.c cvs rdiff -u -r1.15 -r1.16 src/sys/net/npf/npf_conn.h cvs rdiff -u -r1.5 -r1.6 src/sys/net/npf/npf_conndb.c cvs rdiff -u -r0 -r1.1 src/sys/net/npf/npf_connkey.c \ src/sys/net/npf/npf_params.c src/sys/net/npf/npf_portmap.c cvs rdiff -u -r1.53 -r1.54 src/sys/net/npf/npf_ctl.c \ src/sys/net/npf/npf_inet.c cvs rdiff -u -r1.45 -r1.46 src/sys/net/npf/npf_handler.c \ src/sys/net/npf/npf_nat.c cvs rdiff -u -r1.74 -r1.75 src/sys/net/npf/npf_impl.h cvs rdiff -u -r1.11 -r1.12 src/sys/net/npf/npf_os.c cvs rdiff -u -r1.18 -r1.19 src/sys/net/npf/npf_rproc.c cvs rdiff -u -r1.47 -r1.48 src/sys/net/npf/npf_ruleset.c cvs rdiff -u -r1.32 -r1.33 src/sys/net/npf/npf_tableset.c cvs rdiff -u -r1.2 -r1.3 src/sys/net/npf/npfkern.h cvs rdiff -u -r1.26 -r1.27 src/sys/rump/net/lib/libnpf/Makefile cvs rdiff -u -r0 -r1.1 src/usr.sbin/npf/npf-params.7 cvs rdiff -u -r1.86 -r1.87 src/usr.sbin/npf/npfctl/npf.conf.5 cvs rdiff -u -r1.12 -r1.13 src/usr.sbin/npf/npfctl/npf_bpf_comp.c cvs rdiff -u -r1.48 -r1.49 src/usr.sbin/npf/npfctl/npf_build.c \ src/usr.sbin/npf/npfctl/npf_parse.y cvs rdiff -u -r1.28 -r1.29 src/usr.sbin/npf/npfctl/npf_scan.l cvs rdiff -u -r1.27 -r1.28 src/usr.sbin/npf/npfctl/npf_show.c cvs rdiff -u -r1.58 -r1.59 src/usr.sbin/npf/npfctl/npfctl.c cvs rdiff -u -r1.47 -r1.48 src/usr.sbin/npf/npfctl/npfctl.h cvs rdiff -u -r1.8 -r1.9 src/usr.sbin/npf/npftest/npfstream.c cvs rdiff -u -r1.23 -r1.24 src/usr.sbin/npf/npftest/npftest.c cvs rdiff -u -r1.6 -r1.7 src/usr.sbin/npf/npftest/npftest.conf cvs rdiff -u -r1.10 -r1.11 src/usr.sbin/npf/npftest/libnpftest/npf_bpf_test.c cvs rdiff -u -r1.1 -r1.2 src/usr.sbin/npf/npftest/libnpftest/npf_conn_test.c cvs rdiff -u -r1.8 -r1.9 src/usr.sbin/npf/npftest/libnpftest/npf_mbuf_subr.c \ src/usr.sbin/npf/npftest/libnpftest/npf_state_test.c cvs rdiff -u -r1.11 -r1.12 src/usr.sbin/npf/npftest/libnpftest/npf_nat_test.c \ src/usr.sbin/npf/npftest/libnpftest/npf_table_test.c cvs rdiff -u -r1.7 -r1.8 src/usr.sbin/npf/npftest/libnpftest/npf_nbuf_test.c \ src/usr.sbin/npf/npftest/libnpftest/npf_perf_test.c cvs rdiff -u -r1.16 -r1.17 \ src/usr.sbin/npf/npftest/libnpftest/npf_rule_test.c cvs rdiff -u -r1.18 -r1.19 src/usr.sbin/npf/npftest/libnpftest/npf_test.h cvs rdiff -u -r1.14 -r1.15 \ src/usr.sbin/npf/npftest/libnpftest/npf_test_subr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.