#
5824df8d |
|
23-Mar-2024 |
Kristof Provost <kp@FreeBSD.org> |
pf: convert DIOCGETSTATUS to netlink Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant use netlink to obtain the information. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
044243fc |
|
24-Apr-2024 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: allow access to the fd pfctl_open() opens both /dev/pf and a netlink socket. Allow access to the /dev/ pf fd via pfctl_fd(). This means that libpfctl users no longer have to open /dev/pf themselves for any calls that are not yet available in libpfctl. Sponsored by: Rubicon Communications, LLC ("Netgate") MFC after: 2 weeks
|
#
324fd7ec |
|
04-Jan-2024 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: introduce a handle-enabled variant of pfctl_add_rule() Introduce pfctl_add_rule_h(), which takes a pfctl_handle rather than a file descriptor (which it didn't use). This means that library users can open the handle while they're running as root, but later drop privileges and still add rules to pf. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
ddd08375 |
|
29-Aug-2023 |
Kristof Provost <kp@FreeBSD.org> |
pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS Prefer libpfctl functions over direct access to the ioctl whenever possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as there already is an nvlist-based alternative. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D41647
|
#
8923ea6c |
|
01-Jul-2021 |
Kristof Provost <kp@FreeBSD.org> |
ftp-proxy: Revert incorrect migration to libpfctl libpfctl supports creating rules, but not (yet) adding addresses to a pool. Adding addresses certainly does not work through adding a rule. PR: 256917 MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
e9eb0941 |
|
08-Apr-2021 |
Kristof Provost <kp@FreeBSD.org> |
libpfctl: Switch to pfctl_rule Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule. Now that we use nvlists to communicate with the kernel these structures can be fully decoupled. Reviewed by: glebius MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29644
|
#
95be9288 |
|
29-Mar-2021 |
Kristof Provost <kp@FreeBSD.org> |
(t)ftp-proxy: use libpfctl Reviewed by: glebius MFC after: 4 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29641
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
67ecd4f3 |
|
02-Jul-2007 |
Max Laier <mlaier@FreeBSD.org> |
Import pf userland from OpenBSD 4.1 and (for ftp-proxy) libevent 1.3b as a local lib.
|