FreeBSD source tree https://cgit-dev.freebsd.org/src-test/atom?h=main 2012-09-14T11:51:49Z 2012-09-14T11:51:49Z Gleb Smirnoff glebius@FreeBSD.org 2012-09-14T11:51:49Z urn:sha1:3b3a8eb937bf8045231e8364bfd1b94cd4a95979 reside, and move there ipfw(4) and pf(4). o Move most modified parts of pf out of contrib. Actual movements: sys/contrib/pf/net/*.c -> sys/netpfil/pf/ sys/contrib/pf/net/*.h -> sys/net/ contrib/pf/pfctl/*.c -> sbin/pfctl contrib/pf/pfctl/*.h -> sbin/pfctl contrib/pf/pfctl/pfctl.8 -> sbin/pfctl contrib/pf/pfctl/*.4 -> share/man/man4 contrib/pf/pfctl/*.5 -> share/man/man5 sys/netinet/ipfw -> sys/netpfil/ipfw The arguable movement is pf/net/*.h -> sys/net. There are future plans to refactor pf includes, so I decided not to break things twice. Not modified bits of pf left in contrib: authpf, ftp-proxy, tftp-proxy, pflogd. The ipfw(4) movement is planned to be merged to stable/9, to make head and stable match. Discussed with: bz, luigi 2012-09-08T06:41:54Z Gleb Smirnoff glebius@FreeBSD.org 2012-09-08T06:41:54Z urn:sha1:d6d3f01e0a3395c1fae34a3c4be7b051cb2d7581 into head. The most significant achievements in the new code: o Fine grained locking, thus much better performance. o Fixes to many problems in pf, that were specific to FreeBSD port. New code doesn't have that many ifdefs and much less OpenBSDisms, thus is more attractive to our developers. Those interested in details, can browse through SVN log of the projects/pf/head branch. And for reference, here is exact list of revisions merged: r232043, r232044, r232062, r232148, r232149, r232150, r232298, r232330, r232332, r232340, r232386, r232390, r232391, r232605, r232655, r232656, r232661, r232662, r232663, r232664, r232673, r232691, r233309, r233782, r233829, r233830, r233834, r233835, r233836, r233865, r233866, r233868, r233873, r234056, r234096, r234100, r234108, r234175, r234187, r234223, r234271, r234272, r234282, r234307, r234309, r234382, r234384, r234456, r234486, r234606, r234640, r234641, r234642, r234644, r234651, r235505, r235506, r235535, r235605, r235606, r235826, r235991, r235993, r236168, r236173, r236179, r236180, r236181, r236186, r236223, r236227, r236230, r236252, r236254, r236298, r236299, r236300, r236301, r236397, r236398, r236399, r236499, r236512, r236513, r236525, r236526, r236545, r236548, r236553, r236554, r236556, r236557, r236561, r236570, r236630, r236672, r236673, r236679, r236706, r236710, r236718, r237154, r237155, r237169, r237314, r237363, r237364, r237368, r237369, r237376, r237440, r237442, r237751, r237783, r237784, r237785, r237788, r237791, r238421, r238522, r238523, r238524, r238525, r239173, r239186, r239644, r239652, r239661, r239773, r240125, r240130, r240131, r240136, r240186, r240196, r240212. I'd like to thank people who participated in early testing: Tested by: Florian Smeets <flo freebsd.org> Tested by: Chekaluk Vitaly <artemrts ukr.net> Tested by: Ben Wilber <ben desync.com> Tested by: Ian FREISLICH <ianf cloudseed.co.za> 2012-02-03T13:54:25Z Bjoern A. Zeeb bz@FreeBSD.org 2012-02-03T13:54:25Z urn:sha1:bb4b19cae22e7c47d2b2807585219aecd50abb1e it in a function to dynamically query the currently supported number of FIBs by the kernel for FreeBSD. Sponsored by: Cisco Systems, Inc. 2012-01-05T23:11:05Z Robert Watson rwatson@FreeBSD.org 2012-01-05T23:11:05Z urn:sha1:460b3e8f1dc171327953ef67008b132d3426f112 configuration file man pages in section 5, and we prefer rc.conf to rc.conf.local. MFC after: 3 days 2011-06-28T11:57:25Z Bjoern A. Zeeb bz@FreeBSD.org 2011-06-28T11:57:25Z urn:sha1:e0bfbfce7922dd3c28eb072b599c6bb8f65f039e You need to update userland (world and ports) tools to be in sync with the kernel. Submitted by: mlaier Submitted by: eri 2011-06-13T20:11:28Z Bjoern A. Zeeb bz@FreeBSD.org 2011-06-13T20:11:28Z urn:sha1:38a253506a5f418263e8d892234d6166d54924f1 This allows one to force consistent printing of numeric port numbers like we do with -n for other tools like netstat (just that -n was already taken) rather than the service names. -P is currently unused in OpenBSD so the change is eligible for upstreaming. PR: misc/151015 Submitted by: Matt Koivisto (mkoivisto sandvine.com) Sponsored by: Sandvine Incorporated MFC after: 1 week 2009-12-24T00:43:44Z Xin LI delphij@FreeBSD.org 2009-12-24T00:43:44Z urn:sha1:dcc2b1ff467a89c005babf3948557776c63fc7e5 Server Return mode, where not all packets would be visible to the load balancer or gateway. This commit should be reverted when we merge future pf versions. The benefit it would provide is that this version does not break any existing public interface and thus won't be a problem if we want to MFC it to earlier FreeBSD releases. Discussed with: mlaier Obtained from: OpenBSD Sponsored by: iXsystems, Inc. MFC after: 1 month 2008-12-10T19:31:42Z Max Laier mlaier@FreeBSD.org 2008-12-10T19:31:42Z urn:sha1:551100331fc59409c6c0f7738ab22eb197b8df20 2008-05-09T23:53:01Z Julian Elischer julian@FreeBSD.org 2008-05-09T23:53:01Z urn:sha1:30ab20975fab9579a244e0a096d5213bdb88ba74 2008-03-29T00:24:36Z Max Laier mlaier@FreeBSD.org 2008-03-29T00:24:36Z urn:sha1:4239d24b98a8a28300e57c230ae1bd8fce23eb4a and netgraph in gernal). This also allows to add queues for an interface that is not yet existing (you have to provide the bandwidth for the interface, however). PR: kern/106400, kern/117827 MFC after: 2 weeks