Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/share/examples/npf track syntax change in npf.conf regarding...
details: https://anonhg.NetBSD.org/src/rev/a5fc941e765f
branches: trunk
changeset: 790131:a5fc941e765f
user: spz <spz%NetBSD.org@localhost>
date: Fri Sep 20 17:51:04 2013 +0000
description:
track syntax change in npf.conf regarding group
diffstat:
share/examples/npf/host-npf.conf | 8 ++++----
share/examples/npf/l2tp_gw-npf.conf | 6 +++---
share/examples/npf/soho_gw-npf.conf | 8 ++++----
3 files changed, 11 insertions(+), 11 deletions(-)
diffs (98 lines):
diff -r 26ba0e474b30 -r a5fc941e765f share/examples/npf/host-npf.conf
--- a/share/examples/npf/host-npf.conf Fri Sep 20 16:49:00 2013 +0000
+++ b/share/examples/npf/host-npf.conf Fri Sep 20 17:51:04 2013 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: host-npf.conf,v 1.4 2012/12/09 22:12:26 rmind Exp $
+# $NetBSD: host-npf.conf,v 1.5 2013/09/20 17:51:04 spz Exp $
#
# this is an example of NPF rules for a host (i.e., not routing) with
# two network interfaces, wired and wifi
@@ -31,7 +31,7 @@
log: npflog0
}
-group (name "wired", interface $wired_if) {
+group "wired" on $wired_if {
# not being picky about our own address here
pass in final family inet6 proto ipv6-icmp all
@@ -74,7 +74,7 @@
}
-group (name "wifi", interface $wifi_if) {
+group "wifi" on $wifi_if {
# linklocal
pass in final family inet6 proto ipv6-icmp to fe80::/10
pass out final family inet6 proto ipv6-icmp from fe80::/10
@@ -116,7 +116,7 @@
pass stateful out final family inet from $wifi_v4
}
-group (default) {
+group default {
pass final on lo0 all
block all apply "log"
}
diff -r 26ba0e474b30 -r a5fc941e765f share/examples/npf/l2tp_gw-npf.conf
--- a/share/examples/npf/l2tp_gw-npf.conf Fri Sep 20 16:49:00 2013 +0000
+++ b/share/examples/npf/l2tp_gw-npf.conf Fri Sep 20 17:51:04 2013 +0000
@@ -19,7 +19,7 @@
log: npflog0
}
-group (name "external", interface $ext_if) {
+group "external" on $ext_if {
#
# Allow DHCP requests (even to reserved addresses).
#
@@ -127,13 +127,13 @@
block return-rst in final proto tcp flags S/SA all apply "log"
}
-group (name "internal", interface $int_if) {
+group "internal" on $int_if {
# Pass everything to internal networks,
# should be ok, because we are nat'ed.
pass final all
}
-group (default) {
+group default {
# Loopback interface should allows packets to traverse it.
pass final on lo0 all
# For one L2TP tunnel, needs interface pre-created, post-destroyed
diff -r 26ba0e474b30 -r a5fc941e765f share/examples/npf/soho_gw-npf.conf
--- a/share/examples/npf/soho_gw-npf.conf Fri Sep 20 16:49:00 2013 +0000
+++ b/share/examples/npf/soho_gw-npf.conf Fri Sep 20 17:51:04 2013 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: soho_gw-npf.conf,v 1.4 2012/12/09 22:12:26 rmind Exp $
+# $NetBSD: soho_gw-npf.conf,v 1.5 2013/09/20 17:51:04 spz Exp $
#
# SOHO border
#
@@ -34,7 +34,7 @@
log: npflog0
}
-group (name "external", interface $ext_if) {
+group "external" on $ext_if {
pass stateful out final all
block in final from <1>
@@ -49,13 +49,13 @@
pass stateful in final proto udp to $ext_addrs port 33434-33600
}
-group (name "internal", interface $int_if) {
+group "internal" on $int_if {
block in all
pass in final from <2>
pass out final all
}
-group (default) {
+group default {
pass final on lo0 all
block all
}
Home |
Main Index |
Thread Index |
Old Index