Module Name: src
Committed By: rmind
Date: Sun Sep 30 21:09:30 UTC 2012
Modified Files:
src/usr.sbin/npf/npfctl: npf.conf.5
Log Message:
Add some content to the Procedures section.
To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 src/usr.sbin/npf/npfctl/npf.conf.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/npf/npfctl/npf.conf.5
diff -u src/usr.sbin/npf/npfctl/npf.conf.5:1.21 src/usr.sbin/npf/npfctl/npf.conf.5:1.22
--- src/usr.sbin/npf/npfctl/npf.conf.5:1.21 Sun Sep 30 13:15:03 2012
+++ src/usr.sbin/npf/npfctl/npf.conf.5 Sun Sep 30 21:09:30 2012
@@ -1,4 +1,4 @@
-.\" $NetBSD: npf.conf.5,v 1.21 2012/09/30 13:15:03 wiz Exp $
+.\" $NetBSD: npf.conf.5,v 1.22 2012/09/30 21:09:30 rmind Exp $
.\"
.\" Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -27,7 +27,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 29, 2012
+.Dd September 30, 2012
.Dt NPF.CONF 5
.Os
.Sh NAME
@@ -160,6 +160,21 @@ on packets originating from 10.1.1.0/24
Explicit filter criteria can be specified using "pass <criteria>" as
an additional option of the mapping.
.Ss Procedures
+Rule procedure is defined as a collection of extension calls (it may have
+none).
+Every extension call has a name and a list of options in a form of
+key-value pairs.
+Depending on the call, key might represent the argument and the value
+might be optional.
+For example:
+.Bd -literal
+procedure "someproc" {
+ log: npflog0
+ normalise: "random-id", "min-ttl" 64
+}
+.Ed
+.Pp
+In this case, procedure has a call to logging and normalisation modules.
.Ss Misc
Text after a hash (#) character is considered a comment.
The \\ character at the end of a line marks a continuation line,
