src - FreeBSD source tree

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	libpfct: Fix PIC flag	Kristof Provost	2021-04-17	1	-1/+1
\| \| \| \| \| \| \| \|	Use ${PICFLAG} rather than hard-adding -fPIC, which removes the requirement for libnv to be built PIC. MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate")
*	pfctl: Fix clearing rules counters	Kristof Provost	2021-04-14	2	-0/+14
\| \| \| \| \| \| \| \| \| \| \| \|	After the migration to libpfctl for rule retrieval we accidentally lost support for clearing the rules counters. Introduce a get_clear variant of pfctl_get_rule() which allows rules counters to be cleared. MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29727
*	pf: Implement the NAT source port selection of MAP-E Customer Edge	Kurosawa Takahiro	2021-04-13	2	-0/+25
\| \| \| \| \| \| \| \| \| \| \|	MAP-E (RFC 7597) requires special care for selecting source ports in NAT operation on the Customer Edge because a part of bits of the port numbers are used by the Border Relay to distinguish another side of the IPv4-over-IPv6 tunnel. PR: 254577 Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D29468
*	pfctl, libpfctl: introduce pfctl_pool	Kurosawa Takahiro	2021-04-12	2	-3/+13
\| \| \| \| \| \| \| \| \|	Introduce pfctl_pool to be able to extend the pool part of the pf rule without breaking the ABI. Reviewed by: kp MFC after: 4 weeks Differential Revision: https://reviews.freebsd.org/D29721
*	libpfctl: Fix u_* counters	Kristof Provost	2021-04-10	2	-10/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	struct pf_rule had a few counter_u64_t counters. Those couldn't be usefully comminicated with userspace, so the fields were doubled up in uint64_t u_* versions. Now that we use struct pfctl_rule (i.e. a fully userspace version) we can safely change the structure and remove this wart. Reviewed by: glebius MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29645
*	libpfctl: Switch to pfctl_rule	Kristof Provost	2021-04-10	2	-8/+145
\| \| \| \| \| \| \| \| \| \| \|	Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule. Now that we use nvlists to communicate with the kernel these structures can be fully decoupled. Reviewed by: glebius MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29644
*	pfctl: Move ioctl abstraction functions into libpfctl	Kristof Provost	2021-04-10	3	-0/+593
	Introduce a library to wrap the pf ioctl interface. MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29562